无法定义以 keycloak 开头的属性
Unable to define properties which start with keycloak
无法定义以 keycloak 开头的属性。如果 keycloak-spring-boot-starter starter jar 观察到 jar 不知道的 keycloak 属性,则它无法加载属性。如果我们在属性前加前缀“sso”,问题就会得到解决,有没有办法避免这个错误,即使保留 keycloak 前缀。
keycloak.admin.username=
keycloak.admin.password=
sso.keycloak.admin.username=
sso.keycloak.admin.password=
这是 Spring Boot 2.5.0 and Keycloak 13.0.0
中出现的错误
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.NullPointerException
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
... 21 more
Caused by: java.lang.NullPointerException
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAtOffsetOf(HttpSecurity.java:2654)
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAfter(HttpSecurity.java:2645)
at org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter.configure(KeycloakWebSecurityConfigurerAdapter.java:123)
at com.foo.config.KeycloakSecurityConfig.configure(KeycloakSecurityConfig.java:36)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:217)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:315)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:93)
at com.foo.config.KeycloakSecurityConfig$$EnhancerBySpringCGLIB$1f46fb.init(<generated>)
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:338)
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:300)
at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:38)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:127)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
从 Keycloak 代码看来,他们似乎只将属性硬连接到特定属性。
来自 KeycloakSpringBootProperties
/* this is a dummy property to avoid re-rebinding problem with
property keycloak.config.resolver
when using spring cloud - see KEYCLOAK-2977 */
从他们的代码来看,我们似乎可以利用他们必须包含额外属性的解决方法。
但要做到这一点,我们必须在其中添加 'config'。
keycloak.config.admin.username=asd
keycloak.config.admin.password=sss
此错误是在 5.5.0 版 Spring 安全性 中引入的,它随 Spring Boot 2.5.0。
发生这种情况是因为 KeyCloak 依次添加了两个过滤器,如下所示:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
...
.addFilterAfter(keycloakSecurityContextRequestFilter(), SecurityContextHolderAwareRequestFilter.class)
.addFilterAfter(keycloakAuthenticatedActionsRequestFilter(), KeycloakSecurityContextRequestFilter.class)
...
}
现在有一个错误,其中自定义过滤器顺序未被保留,因此在尝试添加相对于最近添加的另一个自定义过滤器的过滤器时导致 NullPointerException。
我建议你现在做的是使用较低版本的 Spring 引导,例如 2。4.x 直到 issue in GitHub 得到解决。
无法定义以 keycloak 开头的属性。如果 keycloak-spring-boot-starter starter jar 观察到 jar 不知道的 keycloak 属性,则它无法加载属性。如果我们在属性前加前缀“sso”,问题就会得到解决,有没有办法避免这个错误,即使保留 keycloak 前缀。
keycloak.admin.username=
keycloak.admin.password=
sso.keycloak.admin.username=
sso.keycloak.admin.password=
这是 Spring Boot 2.5.0 and Keycloak 13.0.0
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.NullPointerException
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
... 21 more
Caused by: java.lang.NullPointerException
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAtOffsetOf(HttpSecurity.java:2654)
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAfter(HttpSecurity.java:2645)
at org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter.configure(KeycloakWebSecurityConfigurerAdapter.java:123)
at com.foo.config.KeycloakSecurityConfig.configure(KeycloakSecurityConfig.java:36)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:217)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:315)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:93)
at com.foo.config.KeycloakSecurityConfig$$EnhancerBySpringCGLIB$1f46fb.init(<generated>)
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:338)
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:300)
at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:38)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:127)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
从 Keycloak 代码看来,他们似乎只将属性硬连接到特定属性。
来自 KeycloakSpringBootProperties
/* this is a dummy property to avoid re-rebinding problem with property keycloak.config.resolver when using spring cloud - see KEYCLOAK-2977 */
从他们的代码来看,我们似乎可以利用他们必须包含额外属性的解决方法。 但要做到这一点,我们必须在其中添加 'config'。
keycloak.config.admin.username=asd
keycloak.config.admin.password=sss
此错误是在 5.5.0 版 Spring 安全性 中引入的,它随 Spring Boot 2.5.0。 发生这种情况是因为 KeyCloak 依次添加了两个过滤器,如下所示:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
...
.addFilterAfter(keycloakSecurityContextRequestFilter(), SecurityContextHolderAwareRequestFilter.class)
.addFilterAfter(keycloakAuthenticatedActionsRequestFilter(), KeycloakSecurityContextRequestFilter.class)
...
}
现在有一个错误,其中自定义过滤器顺序未被保留,因此在尝试添加相对于最近添加的另一个自定义过滤器的过滤器时导致 NullPointerException。
我建议你现在做的是使用较低版本的 Spring 引导,例如 2。4.x 直到 issue in GitHub 得到解决。