42 lines
1.5 KiB
Java
42 lines
1.5 KiB
Java
package com.baeldung.keycloak;
|
|
|
|
import org.springframework.context.annotation.Bean;
|
|
import org.springframework.context.annotation.Configuration;
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
import org.springframework.security.core.session.SessionRegistryImpl;
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
|
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
|
|
|
@Configuration
|
|
@EnableWebSecurity
|
|
class SecurityConfig {
|
|
|
|
private final KeycloakLogoutHandler keycloakLogoutHandler;
|
|
|
|
SecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
|
|
this.keycloakLogoutHandler = keycloakLogoutHandler;
|
|
}
|
|
|
|
@Bean
|
|
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
|
|
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
|
|
}
|
|
|
|
@Bean
|
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
|
http.authorizeRequests()
|
|
.antMatchers("/customers*", "/users*")
|
|
.hasRole("USER")
|
|
.anyRequest()
|
|
.permitAll();
|
|
http.oauth2Login()
|
|
.and()
|
|
.logout()
|
|
.addLogoutHandler(keycloakLogoutHandler)
|
|
.logoutSuccessUrl("/");
|
|
return http.build();
|
|
}
|
|
}
|