Keycloak Springboot bearer only for specific endpoint and non bearer for another

Question

I am trying to use keycloak springboot adapter. I want to make some endpoints with "/api" work with bearer only to true.

But I also want the endpoint "/login" to not be a bearer only endpoint and redirect the user to the keycloak OIDC login page if he is not authenticated.

How can I achieve that ?

All I have now is just bearer only for every endpoints in my application properties.

Thanks in advance for your answers :)

ch4mp · Answer 1 · 2022-08-03T00:57:07.460

In web-security conf,

enable anonymous
in http-security ant-matchers, add an entry for your public routes with permitAll()

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.anonymous();
        http.authorizeRequests()
                .antMatchers("/login").permitAll()
                .anyRequest().authenticated();
        return http.build();
    }

PS

Keycloak spring adapters are deprecated

As an alternative, you can use:

spring-addons-webmvc-jwt-resource-server tutorial here
spring-boot-starter-oauth2-resource-server tutorial there (it requires more Java conf)

Keycloak Springboot bearer only for specific endpoint and non bearer for another

1 Answers1

PS