I'm running the complete version of Spring boot Upload file guide at Spring Guide, but I used Undertow as embedded servlet instead of Tomcat default. And it worked.
When I try to upload file with size larger than the value in config file
spring.http.multipart.max-file-size=128KB
spring.http.multipart.max-request-size=128KB
It raises exception. That is expected behavior
With Tomcat embedded servlet, it can be easily handled by catching SizeLimitExceededException or MultipartException
But with Undertow, it throws RuntimeException event I catch it in global handler:
#ControllerAdvice
public class GlobalControllerExceptionHandler extends ResponseEntityExceptionHandler {
#ExceptionHandler({RuntimeException.class, Exception.class, IOException.class})
ResponseEntity<?> handleControllerException(Exception exc, HttpServletRequest request, Throwable ex) {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
}
}
The Exception message:
java.lang.RuntimeException: java.io.IOException: UT000020: Connection terminated as request was larger than 131072
at io.undertow.servlet.spec.HttpServletRequestImpl.parseFormData(HttpServletRequestImpl.java:779) ~[undertow-servlet-1.4.20.Final.jar:1.4.20.Final]
at io.undertow.servlet.spec.HttpServletRequestImpl.getParameter(HttpServletRequestImpl.java:653) ~[undertow-servlet-1.4.20.Final.jar:1.4.20.Final]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:75) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
Here is the codes:
The controller
#PostMapping("/")
public String handleFileUpload(#RequestParam("file") MultipartFile file,
RedirectAttributes redirectAttributes) {
storageService.store(file);
redirectAttributes.addFlashAttribute("message",
"You successfully uploaded " + file.getOriginalFilename() + "!");
return "redirect:/";
}
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework</groupId>
<artifactId>gs-uploading-files</artifactId>
<version>0.1.0</version>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.8.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-undertow</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<version>1.3.0.RELEASE</version>
</dependency>
</dependencies>
<properties>
<java.version>1.8</java.version>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
Anyone get the same problem with me? How can I catch the exception when maximum file size upload is exceeded?
Any help would be greatly appreciated
Maybe it is able to help in some particular case.
I have the same problem with undertow and exception handling.
My case is a little bit different, I also have spring-security, so the exceptions like RequestTooBigException are caused in spring-security filters when some of them try to read information from the request.
As a solution, I use an additional filter that is added before the first security filter that is caused that exception. (For my it is BearerTokenAuthenticationFilter.class)
There is an additional filter that handles these exceptions:
#Component
#Slf4j
public class SecurityRequestToBigExceptionHandlerFilter extends OncePerRequestFilter {
#Override
public void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
try {
filterChain.doFilter(request, response);
} catch (IllegalStateException | RequestTooBigException | MultiPartParserDefinition.FileTooLargeException ex) {
if (ex instanceof RequestTooBigException
|| ex instanceof MultiPartParserDefinition.FileTooLargeException) {
writeResponse(response, ex);
return;
}
Throwable causeException = ex.getCause();
if (nonNull(causeException)
&& (causeException instanceof RequestTooBigException
|| causeException instanceof MultiPartParserDefinition.FileTooLargeException)) {
writeResponse(response, causeException);
return;
}
throw ex;
}
}
private void writeResponse(HttpServletResponse response, Throwable ex) throws IOException {
log.debug("Handle RequestToBig Exception with {}", ex.getMessage());
response.setStatus(HttpStatus.BAD_REQUEST.value());
response.getWriter().write(ex.getMessage());
}
}
Next what we need to change is security configuration.
There is my simplified security config:
#EnableWebSecurity
#RequiredArgsConstructor
public class SecurityConfig extends WebSecurityConfigurerAdapter {
#Autowired
private final SecurityRequestToBigExceptionHandlerFilter requestToBigExceptionHandlerFilter;
#Override
public void configure(HttpSecurity http) throws Exception {
http
.addFilterBefore(requestToBigExceptionHandlerFilter, BearerTokenAuthenticationFilter.class)
.csrf().disable()
.cors()
.and()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2ResourceServer().jwt();
}
}
Related
I am trying to run some simple app by using spring boot and keycloak. App running on localhost:80. Here is my pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.5.0</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>org.example</groupId>
<artifactId>testOfKeyCloack</artifactId>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>15</maven.compiler.source>
<maven.compiler.target>15</maven.compiler.target>
<springboot.plugin.version>2.1.4.RELEASE</springboot.plugin.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${springboot.plugin.version}</version>
</plugin>
</plugins>
</build>
</project>
There is my application.yml, where keycloak listening port 8080 on localhost.
Also there is realm - WebReport and client testK:
server:
port: "80"
spring:
application.name: ${APPLICATION_NAME:spring-security-keycloak-oauth}
security:
oauth2:
client:
provider:
keycloak:
issuer-uri: http://localhost:8080/realms/webReport
registration:
keycloak:
client-id: testK
Valid redirect URI: http://localhost:80/*
For test I use controller:
#RestController
#RequestMapping("/api")
public class SampleController {
#GetMapping("/anonymous")
public String getAnonymousInfo() {
return "Anonymous";
}
#GetMapping("/user")
#PreAuthorize("hasRole('USER')")
public String getUserInfo() {
return "user info";
}
#GetMapping("/admin")
#PreAuthorize("hasRole('ADMIN')")
public String getAdminInfo() {
return "admin info";
}
#GetMapping("/service")
#PreAuthorize("hasRole('SERVICE')")
public String getServiceInfo() {
return "service info";
}
#GetMapping("/me")
public Object getMe() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
return authentication.getName();
}
}
And this is my WebSecurityConfiguration
#Configuration
#EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
#Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests(authorizeRequests -> authorizeRequests
.antMatchers("/api/anonymous/**").permitAll()
.anyRequest().authenticated())
.oauth2Login(oauth2Login -> oauth2Login
.userInfoEndpoint(userInfoEndpoint -> userInfoEndpoint
.oidcUserService(this.oidcUserService())
)
);
}
#Bean
public OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService() {
final OidcUserService delegate = new OidcUserService();
return (userRequest) -> {
OidcUser oidcUser = delegate.loadUser(userRequest);
final Map<String, Object> claims = oidcUser.getClaims();
final JSONArray groups = (JSONArray) claims.get("groups");
final Set<GrantedAuthority> mappedAuthorities = groups.stream()
.map(role -> new SimpleGrantedAuthority(("ROLE_" + role)))
.collect(Collectors.toSet());
return new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
};
}
}
But when I try to go for example to : "http://localhost:80/api/admin"
I am getting an error: "Invalid parameter: redirect_uri"
Console output: "GET http://localhost:8080/realms/webReport/protocol/openid-connect/auth?response_type=code&client_id=my_webreport&state=*** redirect_uri=http://localhost/login/oauth2/code/keycloak 400 (Bad Request)"
Advices from other threads didn't help, so I just don't know, what to do.
You're saying you set your redirect URIs for the client to http://localhost:80/*.
Then you made this request: GET http://localhost:8080/realms/webReport/protocol/openid-connect/auth?response_type=code&client_id=my_webreport&state=*** redirect_uri=http://localhost:8084/login/oauth2/code/keycloak.
http://localhost:8084/login/oauth2/code/keycloak is not matched by http://localhost:80/*, the port needs to match the actual port of your request.
I am trying to configure Keycloak with spring boot. But the endpoints that I configure wether its open or with a Role I walys get a 401
#Configuration
#EnableWebSecurity
#EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true,
jsr250Enabled = true)
public class KeycloakSecurityConfig extends
KeycloakWebSecurityConfigurerAdapter {
#Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.authorizeRequests()
.antMatchers("/test/anoymous").permitAll();
.antMatchers("/test/user").hasAnyRole("user")
.antMatchers("/test/admin").hasAnyRole("admin")
.antMatchers("/test/all-user").hasAnyRole("user","admin")
.anyRequest()
http.csrf().disable();
}
#Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
auth.authenticationProvider(keycloakAuthenticationProvider);
}
#Bean
#Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
#Bean
public KeycloakConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
}
When I hit the test endpoint anonymous I get back
{
"timestamp": "2021-07-08T20:39:21.265+0000",
"status": 401,
"error": "Unauthorized",
"message": "Unauthorized",
"path": "/test/anonymous"
}
However even with the keycloak token I get an error which is not authorized... The same as above but with Bearer Token.
#RestController
#RequestMapping("/test")
public class KeyController {
#RequestMapping(value="/anonymous", method=RequestMethod.GET)
public ResponseEntity<String> AdminEndpoint() {
return ResponseEntity.ok("Hello Anounymous");
}
#RolesAllowed("user")
#RequestMapping(value="/user", method=RequestMethod.GET)
public ResponseEntity<String> getUser(){
return ResponseEntity.ok("Hello User");
}
#RequestMapping(value="/admin", method=RequestMethod.GET)
public ResponseEntity<String> getAdmin(){
return ResponseEntity.ok("Hello Admin");
}
#RequestMapping(value="/all-users", method=RequestMethod.GET)
public ResponseEntity<String> getAllUsers(){
return ResponseEntity.ok("Hello to all");
}
}
It runs normally but I checked every spring security configuration on stack as possible as I can but nothing worked. Please help me.
This is the Pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.io.keycloak</groupId>
<artifactId>keycloak</artifactId>
<version>0.0.1-SNAPSHOT</version>
<properties>
<maven.compiler.source>11</maven.compiler.source>
<maven.compiler.target>11</maven.compiler.target>
<spring.version>5.3.4</spring.version>
<keycloak.version>14.0.0</keycloak.version>
<java.version>11</java.version>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.6.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
<version>${keycloak.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
I figured it out ...
1 - The class RestController was not being found because it was in another package. So at the main class where the main function is I inputed #ComponentScan for where the RestController was.
#SpringBootApplication
#ComponentScan("com.io*") //This was the issue...
public class mainApp {
public static void main(String[] args) {
//Hello
SpringApplication.run(mainApp.class, args);
}
}
Just an FYI. Even with the #RestController, #Component, #Controller and other annotations where automatically spring would find does not actually work that way. You sometimes need to input #ComponentScan as well.
The result:
my Rest API is working fine locally but the moment I put the same JAR and run it from cloud server, I can only call the GET API and none of the POST API from Postmen.
Below are my code.
RestController
#CrossOrigin(origins = "*", maxAge = 3600)
#RestController
#RequestMapping("/api/test")
public class TestController {
#GetMapping("/all")
public String allAccess() {
return "Public Content.";
}
#PostMapping("/testpostA")
public ResponseEntity<?> testPostA() {
return ResponseEntity.ok(new MessageResponse("Test POST successfully!"));
}
#PostMapping("/testpostB")
public String testPostB() {
return "String return POST successfully.";
}
}
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.4.2</version>
<relativePath /> <!-- lookup parent from repository -->
</parent>
<groupId>com.eurogain</groupId>
<artifactId>WebPortal</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>WebPortal</name>
<description>Java Spring Boot project for the Eurogain web portal for both internal and external client.</description>
<properties>
<java.version>15</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-envers</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-quartz</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build></project>
WebSecurityConfigurationAdapter
#Configuration
#EnableWebSecurity
#EnableGlobalMethodSecurity(
// securedEnabled = true,
// jsr250Enabled = true,
prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
#Autowired
UserDetailsServiceImpl userDetailsService;
#Autowired
private AuthEntryPointJwt unauthorizedHandler;
#Bean
public AuthTokenFilter authenticationJwtTokenFilter() {
return new AuthTokenFilter();
}
#Override
public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
#Bean
#Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
#Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
#Override
protected void configure(HttpSecurity http) throws Exception {
System.out.println("============================ Inside WebSecurityConfig ===========================Ken");
http.csrf().disable().authorizeRequests().anyRequest().permitAll();
}}
Lastly, the web application:
#SpringBootApplication
public class WebPortalApplication {
public static void main(String[] args) {
SpringApplication.run(WebPortalApplication.class, args);
}}
Running the same JAR file locally, no issue on calling all of the POST and GET API. However, when we move the same JAR over to AWS EC2 cloud instance and run it, we can only call the GET API. The following error was thrown at the Postmen console when calling any of the POST API:
However, no issue when calling the GET API:
Server console output - no error:
UPDATE - Round 1
Tested using wget, error 500 as well. No futher info.
UPDATE - Round 2
Tested using wget POST, and after modifying WebSecurityConfig. Here is the screeshot:
Server console contains warning upon the wget POST:
The updated code for WebSecurityConfig:
#Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
#Override
public void configure(HttpSecurity http) throws Exception {
http.cors().and().csrf().disable();
}
}
Try config cors like that:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
#Configuration
public class CorsConfig {
#Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurer() {
#Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("HEAD", "GET", "PUT", "POST", "DELETE", "PATCH");
}
};
}
}
The problem was due to the Nginx reverse proxy handling. In localhost, I was using HTTP, but in the dev server, we are only using HTTPS. Thus, I used HTTPS for all the RESTful API URLs.
I am currently working on a project and I have to deal with Spring Boot and keycloak.
I want a configuration that is in the application.properties of spring.
Here is a part of my configuration file:
keycloak.enabled = true
keycloak.auth-server-url=${SSO_URL:http://MYIP:8082/auth/}
keycloak.realm=${SSO_REALM:approfox-dev}
keycloak.resource=${SSO_CLIENT:approfox-dev-login}
keycloak.ssl-required=none
keycloak.public-client=true
keycloak.principal-attribute=preferred_username
But when I try to access to any API endpoint, I got an 500 Internal Server Error with juste a NullPointerException. I do not know from where or why this exception occures. It seems that the application properties file is not loading by keycloak because when I use keycloack.json and the method that load it, it works.
#Configuration
#EnableWebSecurity
#KeycloakConfiguration
#ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
#ConditionalOnProperty(
value = "keycloak.enabled",
havingValue = "true",
matchIfMissing = false
)
class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
#Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) {
SimpleAuthorityMapper grantedAuthorityMapper = new SimpleAuthorityMapper();
grantedAuthorityMapper.setPrefix("ROLE_");
KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(grantedAuthorityMapper);
auth.authenticationProvider(keycloakAuthenticationProvider);
}
#Bean
#Override
#ConditionalOnMissingBean(HttpSessionManager.class)
protected HttpSessionManager httpSessionManager() {
return new HttpSessionManager();
}
// Keycloak Spring Boot resolver not working
#Bean
public KeycloakSpringBootConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
#Bean
#Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(
new SessionRegistryImpl());
}
#Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.csrf()
.disable()
.cors()
.and()
.authorizeRequests()
.antMatchers("/exemple1")
.hasRole("student")
.antMatchers("/exemple2")
.hasRole("admin")
.anyRequest()
.permitAll();
}
// keycloak.json working...
/**
* Overrides default keycloak config resolver behaviour (/WEB-INF/keycloak.json) by a simple mechanism.
* <p>
* This example loads other-keycloak.json when the parameter use.other is set to true, e.g.:
* {#code ./gradlew bootRun -Duse.other=true}
*
* #return keycloak config resolver
*/
/*#Bean
public KeycloakConfigResolver keycloakConfigResolver() {
return new KeycloakConfigResolver() {
private KeycloakDeployment keycloakDeployment;
#Override
public KeycloakDeployment resolve(HttpFacade.Request facade) {
if (keycloakDeployment != null) {
return keycloakDeployment;
}
String path = "/keycloak.json";
InputStream configInputStream = getClass().getResourceAsStream(path);
if (configInputStream == null) {
throw new RuntimeException("Could not load Keycloak deployment info: " + path);
} else {
keycloakDeployment = KeycloakDeploymentBuilder.build(configInputStream);
}
return keycloakDeployment;
}
};
}*/
}
I have searched all over internet I can't find anything about that issue...
My POM.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.1.RELEASE</version>
</parent>
<groupId>xxx</groupId>
<artifactId>xxxx</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>xxxx</name>
<description>xxxx</description>
<properties>
<java.version>11</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
<version>8.0.1</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-adapter</artifactId>
<version>8.0.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>2.2.2.RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.18</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak.bom</groupId>
<artifactId>keycloak-adapter-bom</artifactId>
<version>3.3.0.Final</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<!-- <plugin>-->
<!-- <artifactId>maven-assembly-plugin</artifactId>-->
<!-- <version>3.1.1</version>-->
<!-- <configuration>-->
<!-- <descriptorRefs>-->
<!-- <descriptorRef>project</descriptorRef>-->
<!-- </descriptorRefs>-->
<!-- </configuration>-->
<!-- <executions>-->
<!-- <execution>-->
<!-- <id>make-assembly</id>-->
<!-- <phase>package</phase>-->
<!-- <goals>-->
<!-- <goal>single</goal>-->
<!-- </goals>-->
<!-- </execution>-->
<!-- </executions>-->
<!-- </plugin>-->
</plugins>
</build>
</project>
I am developing a little demo project with Spring MVC on a Tomcat with hibernate and JSPs. The application was working with thymeleaf as a view resolver but I need to rewrite my thymeleaf template as a .JSP. So I needed to reconfig everything. I am also trying to only use annotation configuration files without any xml.
The problem is that I am seeing the source code of my JSP-File without resolving.
The Request-Mapping and the program logic already worked with thymeleaf + spring. I am getting no error messages in the log files. I tried a lot of changes so my config files may be inconsistent at the moment. Any pointers or advice is appreciated.
My config files are below:
MyWebAppInitializer:
public class MyWebAppInitializer implements WebApplicationInitializer {
private static final String CONFIG_LOCATION = "MvcConfiguration";
private static final String MAPPING_URL = "/";#Override
public void onStartup(ServletContext servletContext) throws ServletException {
WebApplicationContext context = getContext();
servletContext.addListener(new ContextLoaderListener(context));
ServletRegistration.Dynamic dispatcher = servletContext.addServlet("DispatcherServlet", new DispatcherServlet(context));
dispatcher.setLoadOnStartup(1);
dispatcher.addMapping(MAPPING_URL);
}
private AnnotationConfigWebApplicationContext getContext() {
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
context.setConfigLocation(CONFIG_LOCATION);
return context;
}
}
MvcConfiguration:
class MvcConfiguration extends WebMvcConfigurerAdapter {
#Bean
public ViewResolver viewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix("/WEB-INF/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
#Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
#Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
configurer.enable();
}
}
BenutzerController:
#Controller
public class BenutzerController {
#Autowired
BenutzerRepository repository;
#ModelAttribute("Benutzer")
public Benutzer loadEmptyModelBean() {
return new Benutzer();
}
#ModelAttribute("userList")
public List < Benutzer > userList() {
return toList(repository.findAll());
}
#RequestMapping("/verwaltung")
public String verwaltung(#RequestParam(value = "message", required = false, defaultValue = "Defaultvalue") String message, ModelMap model) {
model.addAttribute("message", message);
return "verwaltung";
}
pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<name>benutzerverwaltung</name>
<description>Demo project for Spring Boot</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.3.0.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>com.zaxxer</groupId>
<artifactId>HikariCP</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>4.2.3.RELEASE</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
EDIT: SOLUTION
editing the pom.xml:
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-jasper</artifactId>
<version>8.0.29</version>
</dependency>
Are you using Spring Boot's embedded Tomcat? According to the answer to this question, you may need to add a dependency: compile("org.apache.tomcat.embed:tomcat-embed-jasper"). However, I've never got JSPs to work properly with an embedded tomcat - you can create a war file instead, as it says in the docs.