debug

Websocket test
Webso
2024-05-17 11:37:21 +02:00 · 2024-05-17 11:15:46 +02:00 · 2024-05-16 14:54:27 +02:00
1 changed files with 6 additions and 2 deletions
--- a/src/main/java/com/knecon/fforesight/keycloakcommons/security/SecuredKeyCloakConfiguration.java
+++ b/src/main/java/com/knecon/fforesight/keycloakcommons/security/SecuredKeyCloakConfiguration.java
@ -59,7 +59,11 @@ public class SecuredKeyCloakConfiguration {

        http.anonymous().disable();
        http.httpBasic().disable();
-        http.csrf().disable();
+        http.csrf(csrf -> csrf.ignoringRequestMatchers("/redaction-gateway-v1/websocket/**"));
+        http.headers(headers -> headers
+                // allow same origin to frame our site to support iframe SockJS
+                .frameOptions(frameOptions -> frameOptions
+                                .sameOrigin()));

        http.oauth2ResourceServer(oauth2 -> oauth2.authenticationManagerResolver(tenantAuthenticationManagerResolver));
        http.authorizeHttpRequests().anyRequest().authenticated();
@ -73,7 +77,7 @@ public class SecuredKeyCloakConfiguration {
    @Bean
    public WebSecurityCustomizer webSecurityCustomizer(CommonsKeyCloakProperties commonsKeyCloakProperties) {

-        return (web) -> web.debug(false)
+        return (web) -> web.debug(true)
                .ignoring()
                .requestMatchers(commonsKeyCloakProperties.getIgnoredEndpoints().toArray(new String[0]))
                .requestMatchers(HttpMethod.OPTIONS, "/**");
Author	SHA1	Message	Date
Dominique Eifländer	6894f0f61c	debug	2024-05-17 11:37:21 +02:00
Dominique Eifländer	04807ab9eb	Websocket test	2024-05-17 11:15:46 +02:00
Dominique Eifländer	e11cb8149e	Webso	2024-05-16 14:54:27 +02:00