Class KeycloakAuthenticationEntryPoint
- java.lang.Object
-
- org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint
-
- All Implemented Interfaces:
org.springframework.security.web.AuthenticationEntryPoint
public class KeycloakAuthenticationEntryPoint extends Object implements org.springframework.security.web.AuthenticationEntryPoint
Provides a Keycloakauthentication entry point. Uses aRequestMatcherto determine if the request is an interactive login request or a API request, which should not be redirected to an interactive login page. By default, this entry point uses aHttpHeaderInspectingApiRequestMatcherbut can be overridden using in the constructor.- Author:
- Scott Rossillo
- See Also:
HttpHeaderInspectingApiRequestMatcher
-
-
Field Summary
Fields Modifier and Type Field Description static StringDEFAULT_LOGIN_URIDefault Keycloak authentication login URI
-
Constructor Summary
Constructors Constructor Description KeycloakAuthenticationEntryPoint(AdapterDeploymentContext adapterDeploymentContext)Creates a new Keycloak authentication entry point.KeycloakAuthenticationEntryPoint(AdapterDeploymentContext adapterDeploymentContext, org.springframework.security.web.util.matcher.RequestMatcher apiRequestMatcher)Creates a new Keycloak authentication entry point using the given request matcher to determine if the current request is an API request or a browser request.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidcommence(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException authException)protected voidcommenceLoginRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)Redirects to the login page.protected voidcommenceUnauthorizedResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)voidsetLoginUri(String loginUri)voidsetRealm(String realm)
-
-
-
Field Detail
-
DEFAULT_LOGIN_URI
public static final String DEFAULT_LOGIN_URI
Default Keycloak authentication login URI- See Also:
- Constant Field Values
-
-
Constructor Detail
-
KeycloakAuthenticationEntryPoint
public KeycloakAuthenticationEntryPoint(AdapterDeploymentContext adapterDeploymentContext)
Creates a new Keycloak authentication entry point.
-
KeycloakAuthenticationEntryPoint
public KeycloakAuthenticationEntryPoint(AdapterDeploymentContext adapterDeploymentContext, org.springframework.security.web.util.matcher.RequestMatcher apiRequestMatcher)
Creates a new Keycloak authentication entry point using the given request matcher to determine if the current request is an API request or a browser request.- Parameters:
apiRequestMatcher- theRequestMatcherto use to determine if the current request is an API request or a browser request (required)
-
-
Method Detail
-
commence
public void commence(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException authException) throws IOException, javax.servlet.ServletException- Specified by:
commencein interfaceorg.springframework.security.web.AuthenticationEntryPoint- Throws:
IOExceptionjavax.servlet.ServletException
-
commenceLoginRedirect
protected void commenceLoginRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOExceptionRedirects to the login page. If HTTP sessions are disabled, the redirect URL is saved in a cookie now, to be retrieved by theKeycloakAuthenticationSuccessHandleror theKeycloakAuthenticationFailureHandlerwhen the login sequence completes.- Throws:
IOException
-
commenceUnauthorizedResponse
protected void commenceUnauthorizedResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException- Throws:
IOException
-
setLoginUri
public void setLoginUri(String loginUri)
-
setRealm
public void setRealm(String realm)
-
-