KEYCLOAK-15906

2021-02-28 20:48:46 +05:30 · 2021-02-28 20:48:46 +05:30 · cdc50fb328
commit cdc50fb328
parent e18ea48b26
2 changed files with 5 additions and 2 deletions
--- a/authorization_services/topics/service-authorization-obtaining-permission.adoc
+++ b/authorization_services/topics/service-authorization-obtaining-permission.adoc
@ -23,8 +23,8 @@ permissions for the resource(s) and scope(s) being requested. This parameter all
 * **claim_token_format**
 +
 This parameter is *optional*. A string indicating the format of the token specified in the `claim_token` parameter. {project_name} supports two token
-formats: `urn:ietf:params:oauth:token-type:jwt` and `http://openid.net/specs/openid-connect-core-1_0.html#IDToken`. The `urn:ietf:params:oauth:token-type:jwt` format
-indicates that the `claim_token` parameter references an access token. The `http://openid.net/specs/openid-connect-core-1_0.html#IDToken` indicates that the
+formats: `urn:ietf:params:oauth:token-type:jwt` and `https://openid.net/specs/openid-connect-core-1_0.html#IDToken`. The `urn:ietf:params:oauth:token-type:jwt` format
+indicates that the `claim_token` parameter references an access token. The `https://openid.net/specs/openid-connect-core-1_0.html#IDToken` indicates that the
 `claim_token` parameter references an OpenID Connect ID Token.
 +
 * **rpt**
--- a/securing_apps/topics/oidc/java/spring-security-adapter.adoc
+++ b/securing_apps/topics/oidc/java/spring-security-adapter.adoc
@ -138,6 +138,8 @@ While Spring Security's XML namespace simplifies configuration, customizing the
    <bean id="keycloakAuthenticationProcessingFilter" class="org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter">
        <constructor-arg name="authenticationManager" ref="authenticationManager" />
    </bean>
+    <bean id="keycloakSecurityContextRequestFilter"
+          class="org.keycloak.adapters.springsecurity.filter.KeycloakSecurityContextRequestFilter" />

    <bean id="keycloakLogoutHandler" class="org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler">
        <constructor-arg ref="adapterDeploymentContext" />
@ -162,6 +164,7 @@ While Spring Security's XML namespace simplifies configuration, customizing the
    <security:http auto-config="false" entry-point-ref="keycloakAuthenticationEntryPoint">
        <security:custom-filter ref="keycloakPreAuthActionsFilter" before="LOGOUT_FILTER" />
        <security:custom-filter ref="keycloakAuthenticationProcessingFilter" before="FORM_LOGIN_FILTER" />
+        <security:custom-filter ref="keycloakSecurityContextRequestFilter" after="FORM_LOGIN_FILTER" />
        <security:intercept-url pattern="/customers**" access="ROLE_USER" />
        <security:intercept-url pattern="/admin**" access="ROLE_ADMIN" />
        <security:custom-filter ref="logoutFilter" position="LOGOUT_FILTER" />