Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to get UserGroups from KeyCloak and print them in Java

Tags:

spring-boot

spring-security

keycloak

spring-security-oauth2

I have a spring-boot application which uses spring-boot-starter-security and I have integrated Keycloak to Spring Boot application for authentication / authorization purposes. I want to fetch UserGroups from KeyCloak and display them in my SpringBoot Application. Do you know a way to fetch UserGroups from KeyCloak and display them at screen? There should be an implementation to provide it ?

This is my SecurityConfiguration java :

  @Configuration
  @EnableGlobalMethodSecurity(prePostEnabled = true)
  @EnableWebSecurity
  public class KeyCloakSecurityConfig extends WebSecurityConfigurerAdapter {

 private final KeycloakJwtConfig keycloakJwtConfig;



  @Override
  public void configure(final HttpSecurity http) throws Exception {
   http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    .and()
    .csrf().disable()
    .formLogin().disable()
    .authorizeRequests()
    .antMatchers(HttpMethod.GET, "/actuator/health").permitAll()
    .anyRequest().authenticated()
    .and()
    .oauth2ResourceServer()
    .jwt()
    .jwtAuthenticationConverter(new JwtAuthoritiesExtractor())
    .jwkSetUri(this.keycloakJwtConfig.jwkSetUri());
   }

 @Autowired
public SecurityConfiguration(final KeycloakJwtConfig   keycloakJwtConfig) {
 keycloakJwtConfig = keycloakJwtConfig;
    }
like image 976
Tonyukuk Avatar asked Sep 01 '25 04:09

Tonyukuk

1 Answers

For listing all user groups within a Keycloak realm in Java, you may use Keycloak Admin REST client library provided with Keycloak and available in public Maven repositories: groupId=org.keycloak, artifactId=keycloak-admin-client, version is/should be the same as your Keycloak server (at least the same major and minor parts). Basically, with this library, you create a Keycloak instance, then select the realm, and get the groups from there, e.g. as shown in the Server Developer guide, section Admin REST API > Example using Java and the GroupTest test case on Keycloak github (method searchAndCountGroups).

Keycloak keycloak = Keycloak.getInstance(
    "http://localhost:8080/auth",
    "master",
    "admin",
    "password",
    "admin-cli");
RealmRepresentation realm = keycloak.realm("master").toRepresentation();

for (GroupRepresentation group : realm.groups().groups()) 
{
  // Display group.getId(), group.getName(), etc.
}
like image 105
cdan Avatar answered Sep 04 '25 10:09

cdan
Sign in to Comment

Related questions

Where are spring tutorials without spring-boot? [closed]
java.lang.NoSuchMethodError: org.springframework.core.convert.support.ConversionServiceFactory.createDefaultConversionService()
LazyToOne and Spring LoadTimeWeaver
Circular reference in Spring Boot
Springboot @ConfigurationProperties to Map of Maps or (Nested Map/MultiKeyMap)
Could not autowire field ParameterNameDiscoverer
swagger-codegen-maven-plugin with springdoc-openapi-ui
How to ignore gradle build of root project for a multi-project Kotlin Spring Boot application?
"Cannot resolve com.squareup.okhttp3:mockwebserver:unknown" error after upgrade to Spring Boot 3.4.0
java.lang.NoSuchMethodException: sun.misc.Unsafe.defineClass(java.lang.String,[B,int,int,java.lang.ClassLoader,java.security.ProtectionDomain)
Many to Many relationships using Spring Boot, Jackson and Hibernate
How to access cache values in Spring
how to query case insensitivity and contains with Spring MongoTemplate
Spring Boot Security - Thymeleaf sec:authorize not working
Spring boot Kubernetes Service Discovery
how to integrate with npm web app and spring boot with gradle?
Spring-Boot - Activating Hibernate 2nd Level Cache
Feign Client Error Handling
Caused by: java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48)
IllegalArgumentException("Null KeyStore name") while trying to debug SpringBoot App [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!