From e11cb8149e924464753cfd93bb637eb0b14a1312 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominique=20Eifl=C3=A4nder?=
 <dominique.eiflaender@knecon.com>
Date: Thu, 16 May 2024 14:54:21 +0200
Subject: [PATCH] Webso

---
 .../security/SecuredKeyCloakConfiguration.java              | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/knecon/fforesight/keycloakcommons/security/SecuredKeyCloakConfiguration.java b/src/main/java/com/knecon/fforesight/keycloakcommons/security/SecuredKeyCloakConfiguration.java
index 9ba0227..254c58a 100644
--- a/src/main/java/com/knecon/fforesight/keycloakcommons/security/SecuredKeyCloakConfiguration.java
+++ b/src/main/java/com/knecon/fforesight/keycloakcommons/security/SecuredKeyCloakConfiguration.java
@@ -59,7 +59,11 @@ public class SecuredKeyCloakConfiguration {
 
         http.anonymous().disable();
         http.httpBasic().disable();
-        http.csrf().disable();
+        http.csrf(csrf -> csrf.ignoringRequestMatchers("/gs-guide-websocket/**"));
+        http.headers(headers -> headers
+                // allow same origin to frame our site to support iframe SockJS
+                .frameOptions(frameOptions -> frameOptions
+                                .sameOrigin()));
 
         http.oauth2ResourceServer(oauth2 -> oauth2.authenticationManagerResolver(tenantAuthenticationManagerResolver));
         http.authorizeHttpRequests().anyRequest().authenticated();