Demo for configuring Keycloak authentication for a spring-boot rest service and AngularJs web client
Download keycloak-appliance-dist-all-1.1.0.final.zip (or later version).
Start keycloack and import the realm provided with the source code.
4. Start the angular application
5. Go to localhost:7005 and login using user/pass.
As all three applications run on different domains, we have to configure CORS.
In keycloak.json a new line has to be added:
Also, CORSFilter has to be added in order to provide required headers for XMLHttpRequests.
In some cases we may need to access the user in context. Keycloak configuration is configured at container level, so Spring Security filters cannot be used.
Add security context dependency in order to have SpringContextHolder class. Do not use spring-boot-security as then the web application will be secure by default with ‘basic’ authentication on all HTTP endpoints.
We can add a simple HttpFilter which sets the securityContext:
For writing integration tests we need Kecloak's Direct Access API.