Я пытаюсь защитить свое веб-приложение с помощью Keycloak Jetty 9.x Adapters со следующими конфигурациями в папке WEB-INF:
jetty-web. xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">example</Set>
<Set name="resource">account</Set>
<Set name="authServerUrl">https://dev.oic.example.io/auth/</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
</New>
</Set>
</New>
</Set>
</Get>
</Configure>
web. xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
<module-name>example</module-name>
<security-constraint>
<web-resource-collection>
<web-resource-name>Customers</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>example</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>
Я запускаю причал на своем локальном компьютере, и он показывает:
java -jar start.jar
2020-05-26 22:18:30.664:INFO::main: Logging initialized @488ms to org.eclipse.jetty.util.log.StdErrLog
2020-05-26 22:18:30.841:WARN:oejs.HomeBaseWarning:main: This instance of Jetty is not running from a separate {jetty.base} directory, this is not recommended. See documentation at http://www.eclipse.org/jetty/documentation/current/startup.html
2020-05-26 22:18:30.866:INFO:oejs.Server:main: jetty-9.4.29.v20200521; built: 2020-05-21T17:20:40.598Z; git: 77c232aed8a45c818fd27232278d9f95a021095e; jvm 11.0.7+10-LTS
2020-05-26 22:18:30.879:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:///home/developer/Downloads/jetty/webapps/] at interval 1
2020-05-26 22:18:31.589:INFO:oeja.AnnotationConfiguration:main: Scanning elapsed time=331ms
2020-05-26 22:18:31.878:INFO:oejs.session:main: DefaultSessionIdManager workerName=node0
2020-05-26 22:18:31.878:INFO:oejs.session:main: No SessionScavenger set, using defaults
2020-05-26 22:18:31.878:INFO:oejs.session:main: node0 Scavenging every 660000ms
[main] INFO o.h.s.Http4sServlet - Detected Servlet API version 3.1
[main] INFO o.h.s.Http4sServlet - Using non-blocking servlet I/O with chunk size 4096
2020-05-26 22:18:32.215:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@333d4a8c{root,/,file:///tmp/jetty-0_0_0_0-8080-root_war-_-any-8991626788010910927.dir/webapp/,AVAILABLE}{/home/developer/Downloads/jetty/webapps/root.war}
2020-05-26 22:18:32.241:INFO:oejs.AbstractConnector:main: Started ServerConnector@65815756{HTTP/1.1, (http/1.1)}{0.0.0.0:8080}
2020-05-26 22:18:32.242:INFO:oejs.Server:main: Started @2066ms
Затем я вызываю localhost:8080 в браузере, и он перенаправляет меня на localhost:8443. Почему он не перенаправляет меня на https://dev.oic.example.io/auth/, который я настроил в файле jetty-web. xml.