Touchups, Init SecurityConfig/BeanConfig/Properties

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2022-05-06 10:26:59 +02:00 · 2022-05-06 10:26:59 +02:00 · 5f59da3414
commit 5f59da3414
parent 8b1d592143
5 changed files with 68 additions and 2 deletions
--- a/src/main/java/net/libertacasa/pubsh/web/BeanConfig.java
+++ b/src/main/java/net/libertacasa/pubsh/web/BeanConfig.java
@ -0,0 +1,17 @@
+package net.libertacasa.pubsh.web;
+
+import org.keycloak.adapters.KeycloakConfigResolver;
+import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class BeanConfig {
+
+	@Bean
+	public KeycloakConfigResolver keycloakConfigResolver() {
+	    return new KeycloakSpringBootConfigResolver();
+	}
+	
+
+}
--- a/src/main/java/net/libertacasa/pubsh/web/SecurityConfig.java
+++ b/src/main/java/net/libertacasa/pubsh/web/SecurityConfig.java
@ -0,0 +1,41 @@
+package net.libertacasa.pubsh.web;
+
+import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
+import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.core.session.SessionRegistry;
+import org.springframework.security.core.session.SessionRegistryImpl;
+import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
+import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
+
+@KeycloakConfiguration
+public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.authenticationProvider(keycloakAuthenticationProvider());
+    }
+
+    @Bean
+    @Override
+    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
+        return new RegisterSessionAuthenticationStrategy(buildSessionRegistry());
+    }
+
+    @Bean
+    protected SessionRegistry buildSessionRegistry() {
+        return new SessionRegistryImpl();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception
+    {
+        super.configure(http); //.anonymous().disable()
+        http
+                .authorizeRequests()
+                .antMatchers("/portal").hasAuthority("devel-user")
+                .anyRequest().permitAll();
+    }
+}
--- a/src/main/java/net/libertacasa/pubsh/web/WebApplication.java
+++ b/src/main/java/net/libertacasa/pubsh/web/WebApplication.java
@ -22,7 +22,7 @@ import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestParam;

-import com.example.demo.Docker;
+import net.libertacasa.pubsh.web.Docker;
 import com.github.dockerjava.api.model.Container;
 import com.github.dockerjava.api.model.Image;

--- a/src/main/java/net/libertacasa/pubsh/web/WebSecurityConfigurer.java
+++ b/src/main/java/net/libertacasa/pubsh/web/WebSecurityConfigurer.java
@ -0,0 +1,5 @@
+package net.libertacasa.pubsh.web;
+
+public class WebSecurityConfigurer {
+
+}
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -1 +1,4 @@
-
+keycloak.auth-server-url=http://192.168.5.9:8080/
+keycloak.realm=local-devel
+keycloak.resource=portal-app
+keycloak.public-client=true