Keycloak Ouath2 集成在 spring 云数据流 2.3.0 中不起作用
Keycloak Ouath2 integration is not working in spring cloud dataflow 2.3.0
我目前正在尝试将 keycloak 与 spring 云数据流 2.3.0 集成,但文档中显示的配置不适用于此版本。我对版本 spring 云数据流 2.2.2 进行了相同的尝试,并且集成工作正常。这是我在 application.yaml 中为两个版本添加的配置,
spring:
cloud:
dataflow:
security:
authorization:
map-oauth-scopes: true
security:
oauth2:
client:
client-id: dataflow
client-secret: 44ed8e53-f52f-4d2e-a205
access-token-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/token
user-authorization-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/auth
resource:
user-info-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/userinfo
token-info-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/token/introspect
应用配置后,我可以在 2.2.2 日志中看到以下条目,但在 2.3.0 中看不到
2020-10-18 11:31:40.829 INFO 1 --- [ main] org.hibernate.dialect.Dialect : HHH000400: Using dialect: org.hibernate.dialect.PostgreSQL95Dialect
2020-10-18 11:31:40.977 INFO 1 --- [ main] org.hibernate.type.BasicTypeRegistry : HHH000270: Type registration [java.util.UUID] overrides previous : org.hibernate.type.UUIDBinaryType@5965844d
2020-10-18 11:31:42.027 INFO 1 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2020-10-18 11:31:43.113 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/about'
2020-10-18 11:31:43.114 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/audit-records'
2020-10-18 11:31:43.121 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/audit-records/**'
2020-10-18 11:31:43.122 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_MANAGE')' | '/management/**'
2020-10-18 11:31:43.122 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/apps'
2020-10-18 11:31:43.122 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/apps/**'
2020-10-18 11:31:43.123 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'DELETE' | 'hasRole('ROLE_DESTROY')' | '/apps/**'
2020-10-18 11:31:43.123 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'POST' | 'hasRole('ROLE_CREATE')' | '/apps'
2020-10-18 11:31:43.123 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'POST' | 'hasRole('ROLE_CREATE')' | '/apps/**'
2020-10-18 11:31:43.124 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'PUT' | 'hasRole('ROLE_MODIFY')' | '/apps/**'
我已按照此处 https://docs.spring.io/spring-cloud-dataflow/docs/2.3.0.RELEASE/reference/htmlsingle/#configuration-security-oauth2 中的详细信息进行操作,但不明白为什么它在 2.3.0 中不起作用。有没有人能够将上面的数据流版本 2.3.0 与 keycloak(不是 UAA)成功集成?另外,我正在为 SSO 使用 keycloak,不需要用户注册。
配置是从 2.3.0 版本开始更改的,数据流文档中没有记录。我在githubhttps://github.com/ChimbuChinnadurai/spring-cloud-dataflow-keycloak-integration
中只添加了keycloak相关的配置
我目前正在尝试将 keycloak 与 spring 云数据流 2.3.0 集成,但文档中显示的配置不适用于此版本。我对版本 spring 云数据流 2.2.2 进行了相同的尝试,并且集成工作正常。这是我在 application.yaml 中为两个版本添加的配置,
spring:
cloud:
dataflow:
security:
authorization:
map-oauth-scopes: true
security:
oauth2:
client:
client-id: dataflow
client-secret: 44ed8e53-f52f-4d2e-a205
access-token-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/token
user-authorization-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/auth
resource:
user-info-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/userinfo
token-info-uri: http://localhost:8080/auth/realms/dataflow/protocol/openid-connect/token/introspect
应用配置后,我可以在 2.2.2 日志中看到以下条目,但在 2.3.0 中看不到
2020-10-18 11:31:40.829 INFO 1 --- [ main] org.hibernate.dialect.Dialect : HHH000400: Using dialect: org.hibernate.dialect.PostgreSQL95Dialect
2020-10-18 11:31:40.977 INFO 1 --- [ main] org.hibernate.type.BasicTypeRegistry : HHH000270: Type registration [java.util.UUID] overrides previous : org.hibernate.type.UUIDBinaryType@5965844d
2020-10-18 11:31:42.027 INFO 1 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2020-10-18 11:31:43.113 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/about'
2020-10-18 11:31:43.114 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/audit-records'
2020-10-18 11:31:43.121 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/audit-records/**'
2020-10-18 11:31:43.122 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_MANAGE')' | '/management/**'
2020-10-18 11:31:43.122 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/apps'
2020-10-18 11:31:43.122 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'GET' | 'hasRole('ROLE_VIEW')' | '/apps/**'
2020-10-18 11:31:43.123 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'DELETE' | 'hasRole('ROLE_DESTROY')' | '/apps/**'
2020-10-18 11:31:43.123 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'POST' | 'hasRole('ROLE_CREATE')' | '/apps'
2020-10-18 11:31:43.123 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'POST' | 'hasRole('ROLE_CREATE')' | '/apps/**'
2020-10-18 11:31:43.124 INFO 1 --- [ main] o.s.c.c.s.support.SecurityConfigUtils : Authorization 'PUT' | 'hasRole('ROLE_MODIFY')' | '/apps/**'
我已按照此处 https://docs.spring.io/spring-cloud-dataflow/docs/2.3.0.RELEASE/reference/htmlsingle/#configuration-security-oauth2 中的详细信息进行操作,但不明白为什么它在 2.3.0 中不起作用。有没有人能够将上面的数据流版本 2.3.0 与 keycloak(不是 UAA)成功集成?另外,我正在为 SSO 使用 keycloak,不需要用户注册。
配置是从 2.3.0 版本开始更改的,数据流文档中没有记录。我在githubhttps://github.com/ChimbuChinnadurai/spring-cloud-dataflow-keycloak-integration
中只添加了keycloak相关的配置