spring-boot


Spring Boot 1.4 & Keycloak unsecured pages


I have a Spring Boot 1.4 app with multiple REST Endpoints. Some of them are secured through a keycloak configuration. This works quit well. But as soon when I call an endpoint which is not declared as secured, spring boot throws an
java.lang.IllegalStateException: Response is committed
at org.eclipse.jetty.server.Request.getSession(Request.java:1523) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.Request.getSession(Request.java:1501) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.keycloak.adapters.jetty.JettyAdapterSessionStore.saveRequest(JettyAdapterSessionStore.java:88) ~[keycloak-jetty93-adapter-2.1.0.Final.jar:2.1.0.Final]
at org.keycloak.adapters.jetty.core.JettySessionTokenStore.saveRequest(JettySessionTokenStore.java:117) ~[keycloak-jetty-core-2.1.0.Final.jar:2.1.0.Final]
at org.keycloak.adapters.OAuthRequestAuthenticator$1.challenge(OAuthRequestAuthenticator.java:219) ~[keycloak-adapter-core-2.1.0.Final.jar:2.1.0.Final]
at org.keycloak.adapters.jetty.core.AbstractKeycloakJettyAuthenticator.validateRequest(AbstractKeycloakJettyAuthenticator.java:320) ~[keycloak-jetty-core-2.1.0.Final.jar:2.1.0.Final]
at org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:68) ~[jetty-security-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1613) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.springframework.web.servlet.FrameworkServlet.getUsernameForRequest(FrameworkServlet.java:1091) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.publishRequestHandledEvent(FrameworkServlet.java:1077) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) ~[javax.servlet-api-3.1.0.jar:3.1.0]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[javax.servlet-api-3.1.0.jar:3.1.0]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:845) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1689) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:225) ~[websocket-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:87) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1676) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524) ~[jetty-security-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511) ~[jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.Server.handle(Server.java:524) ~[jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273) [jetty-io-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) [jetty-io-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [jetty-io-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_92]
It seems that keycloak trys to authenticate the user somewhere but it shouldn't.
How can I achieve that Keycloak doesn't handle this request?
I declared my secured endpoints as followed:
keycloak.securityConstraints[2].securityCollections[0].authRoles[0] = user
keycloak.securityConstraints[2].securityCollections[0].authRoles[1] = admin
keycloak.securityConstraints[2].securityCollections[0].patterns[0] = /secure
I'm using jetty 9.3 adapter from keycloak webpage and a custom jetty customizer. Keycloaks Spring boot implementation don't work for me.

Related Links

After switching from Spring Boot 1.2.8 to 1.3.2 application magically stops working
How to use Apache Shiro for authorization only?
Spring Boot Batch use case for jobParameters and #JobScope/#StepScope over Environment/#ConfigurationProperties when configuring readers and writers?
CORS Origin Spring Boot Jhipster - pre-flight fails
Over writing server port of the application.yml in the command line
Reload javascript after thymeleaf fragment render
Feign/Eureka client not passing X-Forwarded-For header
Spring-Boot, how to start it manually in a servlet 3.0 environment
html form validation using thymeleaf not working spring boot
Spring Boot logging with logback
Spring #Query with principal and ternary operator
Is there a way a spring cloud config client can decrypt cipher text fetched from a config server?
How to get method information at Interceptor preHandle method in spring boot 1.3
Spring Boot Microservices Deployment
Starting Spring Application by merging yml files
Spring Integration with Jackson ObjectMapper and Java 8 Time (JSR-310)

Categories

HOME
asterisk
max
joomla
weblogic
intellisense
phantomjs
django-middleware
singleton
query-string
opengl-es
sugarcrm
autocad
flowtype
meson-build
qt4
markdown
promotions
angularjs-ng-repeat
apache-httpclient-4.x
jcodemodel
fetch
suitecrm
dynamics-crm-2011
decoding
resharper
virtualenv
saucelabs
console-application
hql
game-engine
loader
beacon
accordion
hl7-fhir
openoffice-basic
android-navigation-drawer
struts
ckeditor4.x
marionette
typeclass
uibarbuttonitem
meteor-accounts
log4net-configuration
spring-oauth2
jcr
offset
gitosis
aweber
area
mockserver
usernotifications
julia-jump
compiled-query
aspnetboilerplate
taiga
grails-2.0
django-cors-headers
weld
mef
jsfl
emacs24
google-cloud-shell
audio-fingerprinting
dynamic-linking
playframework-1.x
photoshop-script
seyren
google-scholar
ownership
alfred
altova
normalisation
nsoperationqueue
php-java-bridge
user-profile
radar-chart
stdlist
skbio
oryx
apache2-module
webservices-client
javapackager
callfire
clearquest
beagleboard
chrome-mobile
data-quality-services
touch-typing
qxorm
fiware-health
apache-pivot
fscanf
twitter-finagle
facebook-java-api
logo-lang
node-amqp
8-puzzle
oc4j
xrandr
maven-webstart-plugin
http-compression
qmainwindow
pudb
system.transactions
dnsbl
libx264
yii-components
gssapi
reflexil
wxperl
youtube.net-api
response-time
quazip
cinder
conditional-operator
jquery-attributes
qprocess
software-update
office-2003

Resources

Encrypt Message