Package org.keycloak.adapters.springsecurity.authentication

Class KeycloakAuthenticationEntryPoint

java.lang.Object
org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint
All Implemented Interfaces:
org.springframework.security.web.AuthenticationEntryPoint
public class KeycloakAuthenticationEntryPoint extends Object implements org.springframework.security.web.AuthenticationEntryPoint
Provides a Keycloak authentication entry point. Uses a RequestMatcher to determine if the request is an interactive login request or a API request, which should not be redirected to an interactive login page. By default, this entry point uses a HttpHeaderInspectingApiRequestMatcher but can be overridden using in the constructor.
Author:
Scott Rossillo
See Also:

  • Field Details

    • DEFAULT_LOGIN_URI

      public static final String DEFAULT_LOGIN_URI
      Default Keycloak authentication login URI
      See Also:

  • Constructor Details

    • KeycloakAuthenticationEntryPoint

      public KeycloakAuthenticationEntryPoint(AdapterDeploymentContext adapterDeploymentContext)
      Creates a new Keycloak authentication entry point.

    • KeycloakAuthenticationEntryPoint

      public KeycloakAuthenticationEntryPoint(AdapterDeploymentContext adapterDeploymentContext, org.springframework.security.web.util.matcher.RequestMatcher apiRequestMatcher)
      Creates a new Keycloak authentication entry point using the given request matcher to determine if the current request is an API request or a browser request.
      Parameters:
      apiRequestMatcher - the RequestMatcher to use to determine if the current request is an API request or a browser request (required)

  • Method Details

    • commence

      public void commence(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException authException) throws IOException, javax.servlet.ServletException
      Specified by:
      commence in interface org.springframework.security.web.AuthenticationEntryPoint
      Throws:
      IOException
      javax.servlet.ServletException

    • commenceLoginRedirect

      protected void commenceLoginRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
      Redirects to the login page. If HTTP sessions are disabled, the redirect URL is saved in a cookie now, to be retrieved by the KeycloakAuthenticationSuccessHandler or the KeycloakAuthenticationFailureHandler when the login sequence completes.
      Throws:
      IOException

    • commenceUnauthorizedResponse

      protected void commenceUnauthorizedResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
      Throws:
      IOException

    • setLoginUri

      public void setLoginUri(String loginUri)

    • setRealm

      public void setRealm(String realm)