diff --git a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java
index e9056e2..f48929d 100755
--- a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java
+++ b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.java
@@ -17,6 +17,9 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import java.util.HashSet;
+import java.util.Set;
+
/**
* Keycloak authentication integration for Spring Boot
*
@@ -65,16 +68,52 @@ public class KeycloakSpringBootConfiguration {
loginConfig.setAuthMethod("KEYCLOAK");
context.setLoginConfig(loginConfig);
- context.addSecurityRole("jimmiapprole");
+ Set<String> authRoles = new HashSet<String>();
+ for (KeycloakSpringBootProperties.SecurityConstraint constraint : keycloakProperties.getSecurityConstraints()) {
+ for (KeycloakSpringBootProperties.SecurityCollection collection : constraint.getSecurityCollections()) {
+ for (String authRole : collection.getAuthRoles()) {
+ if (!authRoles.contains(authRole)) {
+ context.addSecurityRole(authRole);
+ authRoles.add(authRole);
+ }
+ }
+ }
+ }
+
+ for (KeycloakSpringBootProperties.SecurityConstraint constraint : keycloakProperties.getSecurityConstraints()) {
+ SecurityConstraint tomcatConstraint = new SecurityConstraint();
+
+ for (KeycloakSpringBootProperties.SecurityCollection collection : constraint.getSecurityCollections()) {
+ SecurityCollection tomcatSecCollection = new SecurityCollection();
+
+ if (collection.getName() != null) {
+ tomcatSecCollection.setName(collection.getName());
+ }
+ if (collection.getDescription() != null) {
+ tomcatSecCollection.setDescription(collection.getDescription());
+ }
- SecurityConstraint constraint = new SecurityConstraint();
- constraint.addAuthRole("jimmiapprole");
+ for (String authRole : collection.getAuthRoles()) {
+ tomcatConstraint.addAuthRole(authRole);
+ }
- SecurityCollection collection = new SecurityCollection();
- collection.addPattern("/*");
- constraint.addCollection(collection);
+ for (String pattern : collection.getPatterns()) {
+ tomcatSecCollection.addPattern(pattern);
+ }
- context.addConstraint(constraint);
+ for (String method : collection.getMethods()) {
+ tomcatSecCollection.addMethod(method);
+ }
+
+ for (String method : collection.getOmittedMethods()) {
+ tomcatSecCollection.addOmittedMethod(method);
+ }
+
+ tomcatConstraint.addCollection(tomcatSecCollection);
+ }
+
+ context.addConstraint(tomcatConstraint);
+ }
context.addParameter("keycloak.config.resolver", KeycloakSpringBootConfigResolver.class.getName());
}
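Review bot: Auth roles are read from each `KeycloakSpringBootProperties.SecurityCollection` but applied with `tomcatConstraint.addAuthRole(authRole)`, so within one constraint every collection's patterns are opened to the union of all collections' roles, not just that collection's own. A configuration that puts an admin-only collection next to a user collection in the same constraint would let either role reach both sets of patterns. Either move `authRoles` up to the constraint level in the properties model (the hunk in `KeycloakSpringBootProperties.java`) or build one Tomcat `SecurityConstraint` per collection. Separately, the removed code always protected `/*`, while the new loops add nothing when `securityConstraints` is empty, and a collection with patterns but no roles appears to produce a constraint with no auth requirement (to be confirmed against Tomcat's `SecurityConstraint`); a startup warning or explicit check for both cases would stop a missing or incomplete configuration from failing open silently. The enclosing method starts outside the hunk.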
diff --git a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java
index ee922d1..18ec791 100644
--- a/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java
+++ b/integration/spring-boot/src/main/java/org/keycloak/adapters/springboot/KeycloakSpringBootProperties.java
@@ -3,7 +3,88 @@ package org.keycloak.adapters.springboot;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.springframework.boot.context.properties.ConfigurationProperties;
+import java.util.ArrayList;
+import java.util.List;
+
@ConfigurationProperties(prefix = "keycloak", ignoreUnknownFields = false)
public class KeycloakSpringBootProperties extends AdapterConfig {
+ private List<SecurityConstraint> securityConstraints = new ArrayList<SecurityConstraint>();
+
+ public static class SecurityConstraint {
+ private List<SecurityCollection> securityCollections = new ArrayList<SecurityCollection>();
+
+ public List<SecurityCollection> getSecurityCollections() {
+ return securityCollections;
+ }
+
+ public void setSecurityCollections(List<SecurityCollection> securityCollections) {
+ this.securityCollections = securityCollections;
+ }
+ }
+
+ public static class SecurityCollection {
+ private String name;
+ private String description;
+ private List<String> authRoles = new ArrayList<String>();
+ private List<String> patterns = new ArrayList<String>();
+ private List<String> methods = new ArrayList<String>();
+ private List<String> omittedMethods = new ArrayList<String>();
+
+ public List<String> getAuthRoles() {
+ return authRoles;
+ }
+
+ public List<String> getPatterns() {
+ return patterns;
+ }
+
+ public List<String> getMethods() {
+ return methods;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public List<String> getOmittedMethods() {
+ return omittedMethods;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ public void setAuthRoles(List<String> authRoles) {
+ this.authRoles = authRoles;
+ }
+
+ public void setPatterns(List<String> patterns) {
+ this.patterns = patterns;
+ }
+
+ public void setMethods(List<String> methods) {
+ this.methods = methods;
+ }
+
+ public void setOmittedMethods(List<String> omittedMethods) {
+ this.omittedMethods = omittedMethods;
+ }
+ }
+
+ public List<SecurityConstraint> getSecurityConstraints() {
+ return securityConstraints;
+ }
+
+ public void setSecurityConstraints(List<SecurityConstraint> securityConstraints) {
+ this.securityConstraints = securityConstraints;
+ }
}
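Review bot: The list setters store whatever they are given, so if property binding ever passes null (for example for an empty value on a list key; to be confirmed against the binder in use), the unguarded `for` loops in `KeycloakSpringBootConfiguration` would throw a NullPointerException at startup. Normalising in the setter keeps the getters non-null, e.g. `this.authRoles = authRoles != null ? authRoles : new ArrayList<String>();`, and the same for the other five list setters. The new properties also carry no Javadoc; since they decide which URL patterns and HTTP methods require which roles, a short comment on `patterns`, `methods` and `omittedMethods` stating how they map onto the Tomcat security collection would help whoever writes the configuration.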