前言
本文参考A Quick Guide to Using Keycloak with Spring Boot,整理实战中遇到的问题。
Docker 安装 Keycloak
下载镜像
docker pull quay.io/keycloak/keycloak
失败的话,可再次尝试。
启动keycloak
docker run -p 6060:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:latest
端口根据实际做映射。
官方是:docker run -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:9.0.2
目前最新版本是9.0.2,建议直接换成:latest,自动拉取最新的镜像。
启动成功:
本例是在本地环境启动,若在生产环境启动,需要开启SSL。
Browsers and applications that interact with the realm must honor the SSL/HTTPS requirements defined by the SSL Mode or they will not be allowed to interact with the server.
登陆
http://localhost:6060/auth
点击Administration Console
用户名:admin
密码:admin
Keycloak配置
参考A Quick Guide to Using Keycloak with Spring Boot,一样的配置就行。
Spring Boot应用启动
下载源码
更改配置
keycloak.auth-server-url=http://localhost:6060/auth
keycloak.realm=SpringBootKeycloak
keycloak.resource=login-app
keycloak.public-client=true
keycloak.security-constraints[0].authRoles[0]=user
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/customers/*更改依赖
源码的部分依赖,拉取不到。
移除parent
<parent>
<groupId>com.baeldung</groupId>
<artifactId>parent-boot-1</artifactId>
<version>0.0.1-SNAPSHOT</version>
<relativePath>../../parent-boot-1</relativePath>
</parent>增加dependencyManagement
<properties>
<spring-boot.version>1.5.22.RELEASE</spring-boot.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>${spring-boot.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>增加dependency
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
<version>3.3.0.Final</version>
</dependency>增加maven-compiler-plugin
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>10</source>
<target>10</target>
</configuration>
</plugin>
</plugins>
</build>启动
23:37:26.668 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - Registering beans for JMX exposure on startup
23:37:26.681 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8081"]
23:37:26.689 [main] INFO o.a.tomcat.util.net.NioSelectorPool - Using a shared selector for servlet write/read
23:37:26.701 [main] INFO o.s.b.c.e.t.TomcatEmbeddedServletContainer - Tomcat started on port(s): 8081 (http)
23:37:26.735 [main] INFO com.baeldung.keycloak.SpringBoot - Started SpringBoot in 4.541 seconds (JVM running for 10.586)访问
http://localhost:8081/
点击customers,登陆,获取列表
用户名:user1
密码:xsw2@WSX
