Description
I'm working on adding single-sign-on (spring-boot-starter-oauth2-client) to a Spring Boot (3.4.5) application and kept getting stuck. I could narrow down the problem to problem-spring-web-starter (0.29.1).
Expected Behavior
The usual SSO flow works as intended. Unauthenticated requests are redirected to the SSO login mask.
Actual Behavior
User sees an empty page (Status 200). The log shows an AuthorizationDeniedException.
Full log: scratch.txt
Similar behavior has been observed when attempting SAML2 instead of OAuth2 using spring-security-saml2-service-provider.
Possible Fix
n/a
Steps to Reproduce
Minimal example: https://github.com/deskjet/spring-boot-keycloak-oauth2-zalando-problem
- start the pre-configured Keycloak server using the included docker-compose file
- run the example project using ./gradlew bootRun or using your IDE
- go to http://localhost:8080/private
If you remove problem-spring-web-starter, you can use this to log in:
- Username: john.doe
- Password: password
Context
As stated in the description, the plan is to have users authenticate using SSO while also getting the benefits of problem-spring-web. It appears that I'm missing something but I'm out of ideas. Following the steps from the installation guide also didn't help.
Your Environment
- problem-spring-web-starter: 0.29.1
- Kotlin: 1.9.25
- org.springframework.boot: 3.4.5
- JVM: 21