Spring 引導 - 禁用默認登錄頁面

Question

我目前正在做一個小項目。 我想使用 keycloak 作為授權服務器，我的 applicationn 作為 spring 網關和 oauth2 客戶端。

這是問題：

輸入端點時，我被重定向到 keycloak 登錄頁面，這很好。 但是每當我輸入端點“localhost:9090/login”時，我都會進入默認的 oauth2 登錄頁面：登錄頁面

由於我使用 oauth2 客戶端依賴項並使用ServerHttpSecurity而不是HttpSecurity ，因此我無法使用：

httpSecurity
        .oauth2Login()
        .loginPage("/redirect");

---

這是我當前的配置：

如果您有問題，我將演示推送到此github 存儲庫中

網關 pom.xml

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.3</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <groupId>at.matkollin</groupId>
    <artifactId>spring-demo</artifactId>
    <version>1.0.0-SNAPSHOT</version>

    <properties>
        <java.version>17</java.version>
        <spring-cloud.version>2021.0.1</spring-cloud.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-gateway</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

網關應用。yaml：

spring:
  security:
    oauth2:
      client:
        registration:
          keycloak-spring-gateway-client:
            provider: my-keycloak-provider
            scope: openid
            client-id: spring-gateway-client
            client-secret: xxxxxxxxxx
            authorization-grant-type: authorization_code
            redirect-uri: "{baseUrl}/login/oauth2/code/keycloak"
        provider:
          my-keycloak-provider:
            issuer-uri: http://172.31.0.2:8080/realms/Demo
            token-uri: http://172.31.0.2:8080/auth/realms/Demo/protocol/openid-connect/token
            authorization-uri: http://172.31.0.2:8080/auth/realms/Demo/protocol/openid-connect/auth
            userinfo-uri: http://172.31.0.2:8080/auth/realms/Demo/protocol/openid-connect/userinfo
            user-name-attribute: preferred_username

server:
  port: 9090

management:
  endpoints:
    web:
      exposure:
        include: "*"

安全配置：

@Configuration
public class SecurityConfig {

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http
                        .authorizeExchange()
                        .pathMatchers("/actuator/**", "/")
                        .permitAll()
                        .and()
                        .authorizeExchange()
                        .anyExchange()
                        .authenticated()
                        .and()
                        .oauth2Login();

        return http.build();
    }

Answer 1

您可以使用以下配置禁用它

spring.autoconfigure.exclude[0]=org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
spring.autoconfigure.exclude[1]=org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration

第二行是禁用執行器安全性