Merge pull request #149 from guigarage/spring-annotation
Usage for Spring metadata annotation @KeycloakConfiguration added
This commit is contained in:
Stian Thorgersen
GitHub
commit
1fd7d42a31
1 changed files with 6 additions and 3 deletions
|
|
@ -36,9 +36,7 @@ While its use is not required, it greatly simplifies your security context confi
|
|||
----
|
||||
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
|
||||
@KeycloakConfiguration
|
||||
public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter
|
||||
{
|
||||
/**
|
||||
|
|
@ -76,6 +74,11 @@ You must provide a session authentication strategy bean which should be of type
|
|||
Spring Security's `SessionFixationProtectionStrategy` is currently not supported because it changes the session identifier after login via Keycloak.
|
||||
If the session identifier changes, universal log out will not work because Keycloak is unaware of the new session identifier.
|
||||
|
||||
TIP: The `@KeycloakConfiguration` annotation is a metadata annotion that defines all annotations that are needed to integrate
|
||||
KeyCloak in Spring security. If you have a complexe Spring security setup you can simply have a look ath the annotations of
|
||||
the `@KeycloakConfiguration` annotation and create your own custom meta annotation or just use specific Spring annotations
|
||||
for the KeyCloak adapter.
|
||||
|
||||
====== XML Configuration
|
||||
|
||||
While Spring Security's XML namespace simplifies configuration, customizing the configuration can be a bit verbose.
|
||||
|
|
|
|||
Loading…
Reference in a new issue