Keycloak版本2.4.0_FINAL。Spring Boot Keycloak - 如何驗證不記名令牌?
在我的Spring Boot REST API中,我想驗證Keycloak中的持票人標記。
我遵循以下步驟:
我增加了行家依賴性和下面的application.properties。
keycloak.realm = realm
keycloak.auth-server-url = http://localhost:8080/auth
keycloak.ssl-required = external
keycloak.resource = app
keycloak.bearer-only = true
keycloak.credentials.secret = ...
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /r/secure/*
下一步是什麼?據我所知,這是最後一步,但似乎沒有做到。
更新 application.properties:
server.port = 8081
org.keycloak keycloak-tomcat8-adapter 2.4.0.Final
keycloak.realm = myapp
keycloak.auth-server-url = http://localhost:8080/auth
keycloak.ssl-required = external
keycloak.resource = mybackend
keycloak.bearer-only = true
keycloak.credentials.secret = ...
keycloak.use-resource-role-mappings = false
keycloak.securityConstraints[0].securityCollections[0].name = secure
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /r/secure/*
你的問題是,什麼是不工作? –
keycuak何時驗證令牌?我仍然可以訪問API沒有標記,沒有反饋。 – xDs
哪個端口是彈簧引導運行的,哪個端口keycloak? –