{"id":31916879,"url":"https://github.com/magistraapta/spring-security","last_synced_at":"2026-05-13T12:49:17.114Z","repository":{"id":317850770,"uuid":"1069060679","full_name":"magistraapta/spring-security","owner":"magistraapta","description":"Implementations of Spring Security.","archived":false,"fork":false,"pushed_at":"2025-10-18T05:11:31.000Z","size":40,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-10-22T06:39:57.920Z","etag":null,"topics":["authentication","authorization","java","jwt-authentication","keycloak","spring-boot"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/magistraapta.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-03T10:42:31.000Z","updated_at":"2025-10-18T06:16:19.000Z","dependencies_parsed_at":"2025-10-03T13:29:40.892Z","dependency_job_id":"b4d0aabb-1f49-45b4-ac87-e1f66cf9a6c2","html_url":"https://github.com/magistraapta/spring-security","commit_stats":null,"previous_names":["magistraapta/spring-security"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/magistraapta/spring-security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magistraapta%2Fspring-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magistraapta%2Fspring-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magistraapta%2Fspring-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magistraapta%2Fspring-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/magistraapta","download_url":"https://codeload.github.com/magistraapta/spring-security/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magistraapta%2Fspring-security/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32983700,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-13T11:31:52.688Z","status":"ssl_error","status_checked_at":"2026-05-13T11:31:52.072Z","response_time":115,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authorization","java","jwt-authentication","keycloak","spring-boot"],"created_at":"2025-10-13T20:14:48.048Z","updated_at":"2026-05-13T12:49:17.076Z","avatar_url":"https://github.com/magistraapta.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Spring Security Examples (Java)\n\nThis repository contains two independent Spring Boot applications demonstrating different authentication schemes:\n\n- `basic-auth`: Classic form/basic authentication with an in-memory user\n- `keycloak-auth`: OpenID Connect (OIDC) login with Keycloak as the Identity Provider\n\nBoth apps are self-contained Maven projects located in their respective folders.\n\n### Prerequisites\n- Java 17+\n- Maven 3.9+\n- Docker (for running Keycloak)\n\n---\n\n## basic-auth\nSimple Spring Security setup with a public endpoint and an authenticated area. A default in-memory user is configured via properties.\n\n### How to run\n```bash\ncd basic-auth\n./mvnw spring-boot:run\n```\n\n### Configuration\nSource: `basic-auth/src/main/resources/application.properties`\n\n- `server.port=8080`\n- `spring.security.user.name=user`\n- `spring.security.user.password=password`\n\n### Endpoints\n- `GET /` — public, returns a plain text greeting\n- `GET /admin` — protected, requires role `ADMIN`\n\nNote: The default in-memory user has role `USER`. Accessing `/admin` will return 403 unless you configure a user with role `ADMIN`.\n\nExample login page is provided by Spring Security (form login).\n\n---\n\n## keycloak-auth\nSpring Security OAuth2/OIDC login backed by a Keycloak server. Renders Thymeleaf views.\n\n### How to run the app\n```bash\ncd keycloak-auth\n./mvnw spring-boot:run\n```\n\nThe app runs on `http://localhost:8082` by default.\n\n### How to run Keycloak\n```bash\ncd keycloak-auth\ndocker compose up -d\n```\n\nThis starts Keycloak at `http://localhost:8080` with admin user `admin/admin` (for the Keycloak admin console).\n\n### Keycloak configuration (one-time setup)\nAfter Keycloak is up, open the admin console at `http://localhost:8080` and:\n1. Create a realm named `keycloak-test-realm`.\n2. Create a confidential client named `keycloak-test-client`.\n   - Client type: OpenID Connect\n   - Access type: Confidential\n   - Client secret: set to the value in `application.properties`\n   - Valid redirect URIs: `http://localhost:8082/login/oauth2/code/keycloak`\n   - Web origins: `http://localhost:8082`\n3. Create a user in the realm and set a password (and verify email if desired).\n\nThe app is already configured to use:\n- `issuer-uri=http://localhost:8080/realms/keycloak-test-realm`\n- `client-id=keycloak-test-client`\n- `redirect-uri={baseUrl}/login/oauth2/code/{registrationId}`\n\n### Endpoints\n- `GET /` — public page. If authenticated, shows user details.\n- `GET /private` — requires authentication; triggers OIDC login with Keycloak.\n\nLogout uses OIDC RP-initiated logout and returns to the application base URL.\n\n---\n\n## Running both projects\n- Keycloak runs on port `8080` by default (from `docker-compose.yml`).\n- `keycloak-auth` app runs on port `8082`.\n- `basic-auth` app runs on port `8080`.\n\nBecause both Keycloak and `basic-auth` use port `8080`, you cannot run them simultaneously without changing a port. Options:\n- Change `basic-auth` `server.port` to a different value (e.g., `8083`), or\n- Map Keycloak to a different host port in `docker-compose.yml` and adjust `issuer-uri` accordingly.\n\n---\n\n## Quick verification\n### basic-auth\n1. Start the app.\n2. Visit `http://localhost:8080/` — should show a public message.\n3. Visit `http://localhost:8080/admin` — should redirect to login; default user `user/password` will authenticate but will get 403 without `ADMIN` role.\n\n### keycloak-auth\n1. Start Keycloak via Docker and configure realm/client as above.\n2. Start the app.\n3. Visit `http://localhost:8082/` — public page; if logged in, user details are displayed.\n4. Visit `http://localhost:8082/private` — redirects to Keycloak for login; upon success, renders a page with user info.\n\n---\n\n## Modules overview\n- `basic-auth/src/main/java/com/basic/basic_auth/controller/BasicController.java`\n  - `/` public\n  - `/admin` requires `ADMIN` (via `@PreAuthorize(\"hasRole('ADMIN')\")`)\n- `basic-auth/src/main/java/com/basic/basic_auth/config/SecurityConfig.java`\n  - CSRF disabled, form login enabled, `/` permitted, others authenticated\n- `keycloak-auth/src/main/java/com/auth/keycloak_auth/controllers/AppController.java`\n  - `/` public view; shows user info if present\n  - `/private` authenticated view\n- `keycloak-auth/src/main/java/com/auth/keycloak_auth/config/SecurityConfig.java`\n  - OIDC login enabled, RP-initiated logout configured\n\n---\n\n## License\nMIT (or your chosen license)\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagistraapta%2Fspring-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmagistraapta%2Fspring-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagistraapta%2Fspring-security/lists"}