
I am following the steps on https://blog.jdriven.com/2019/11/spring-cloud-gateway-with-openid-connect-and-token-relay/, using a gateway and a microservice. Everything works fine, but when I try to exclude a resource (for example "somepage.html") in the microservice, it does not work; I always get redirected to the Keycloak login.

In the config part of the service, I tried to add

```java
http.authorizeRequests()
    .antMatchers("/index*")
    .permitAll();
```

but it did not work. I added this part to the config:

```java
@Override
public void configure(WebSecurity web) throws Exception {
  web.ignoring().antMatchers("/public/**");
}
```

but it did not help either... This is the gateway config file:

```yaml
server:
  port: 8080

spring:
  application:
    name: travel-spring-cloud-gateway
  security:
    oauth2:
      client:
        provider:
          keycloak:
            issuer-uri: http://localhost:8090/auth/realms/spring-cloud-gateway-realm
            user-name-attribute: preferred_username
        registration:
          keycloak:
            client-id: spring-cloud-gateway-client
            client-secret: 3a456790-c720-4208-9d4b-fb230ea03dc1

  cloud:
    gateway:
      default-filters:
      - TokenRelay

      routes:
      - id: front-service
        uri: http://127.0.0.1:8086/front
        predicates:
          - Path=/front/**
```

How can I make the gateway (or the microservice) prevent a request from being redirected to the Keycloak login?

João Dias
greg2999
  • I think `antMatchers` matches URL patterns, so if you're serving your resources in the `resources/*` path, `antMatchers("/resources/*")` or `antMatchers("*/resources/*")` should work. Welcome to Stack Overflow, BTW ;-) – Aritz Dec 25 '20 at 10:58
  • I tried adding `antMatchers("/resources/*")` in the config part of the microservice. Results were the same: the request got redirected to the Keycloak login page. Removing the `http.oauth2Login();` from the config part in the gateway partially solved it, but it then redirects to the normal Spring Security login pop-up. `@Bean public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, ReactiveClientRegistrationRepository clientRegistrationRepository) { ... //http.oauth2Login(); ... }` – greg2999 Dec 25 '20 at 17:01
  • Have you tried the [double asterisk wildcard](https://stackoverflow.com/questions/2952196/ant-path-style-patterns) instead of one? – Aritz Dec 25 '20 at 17:50
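
One way to exempt specific paths at the gateway, shown as an added example that is not part of the original thread. It assumes the redirect to Keycloak is issued by the gateway's own `SecurityWebFilterChain` (Spring Security 5.2+ lambda DSL on WebFlux); the class name and the `PUBLIC_PATHS` entries are hypothetical.

```java
// Added example, not code from the question or the referenced blog post.
// Assumption: the gateway is a WebFlux application whose security chain
// currently requires authentication for every exchange.
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

@Configuration
@EnableWebFluxSecurity
public class GatewaySecurityConfig {

    // Hypothetical allow-list. Paths are written as the gateway sees them,
    // so they include the /front prefix from the route predicate Path=/front/**.
    // Keep the patterns as narrow as possible: everything listed here is
    // reachable without a login.
    private static final String[] PUBLIC_PATHS = {
        "/front/somepage.html",
        "/front/public/**"
    };

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http.authorizeExchange(exchanges -> exchanges
                // Rules are evaluated in order, so the public paths must be
                // declared before the catch-all rule.
                .pathMatchers(PUBLIC_PATHS).permitAll()
                // Every other exchange still needs an authenticated user.
                .anyExchange().authenticated());

        // Unauthenticated requests to protected paths are redirected to the
        // configured OpenID Connect provider (the Keycloak registration).
        http.oauth2Login(Customizer.withDefaults());

        return http.build();
    }
}
```

An anonymous request has no token to relay, so the microservice must permit the same paths in its own security configuration as well.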
