Provide Best Programming Tutorials

Integrate Spring Security and Keycloak

This article will show you how to integrate spring security and Keycloak together.

Three main steps to do this job:

  1. Create a new Spring boot project
  2. Config Keycloak
  3. Config spring security

Create a new Spring boot project

Add maven dependencies:




### server port

#Keycloak Configuration

package com.andrewprogramming.keycloakdemo.controller;

import com.andrewprogramming.keycloakdemo.dao.CustomerDAO;
import com.andrewprogramming.keycloakdemo.entity.Customer;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;


import org.springframework.beans.factory.annotation.Autowired;

public class WebController {

    private CustomerDAO customerDAO;

    @GetMapping(path = "/")
    public String index() {
        return "external";

    @GetMapping(path = "/customers")
    public String customers(Principal principal, Model model) {
        Iterable<Customer> customers = customerDAO.findAll();
        model.addAttribute("customers", customers);
        model.addAttribute("username", principal.getName());
        return "customers";

    // add customers for demonstration
    public void addCustomers() {

        Customer customer1 = new Customer();
        customer1.setAddress("1111 foo blvd");
        customer1.setName("Foo Industries");
        customer1.setServiceRendered("Important services");;

        Customer customer2 = new Customer();
        customer2.setAddress("2222 bar street");
        customer2.setName("Bar LLP");
        customer2.setServiceRendered("Important services");;

        Customer customer3 = new Customer();
        customer3.setAddress("33 main street");
        customer3.setName("Big LLC");
        customer3.setServiceRendered("Important services");;

import com.andrewprogramming.keycloakdemo.entity.Customer;

public interface CustomerDAO extends CrudRepository<Customer, Long> {


public class Customer {
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private long id;
    private String name;
    private String serviceRendered;
    private String address;

    public long getId() {
        return id;

    public void setId(long id) { = id;

    public String getName() {
        return name;

    public void setName(String name) { = name;

    public String getServiceRendered() {
        return serviceRendered;

    public void setServiceRendered(String serviceRendered) {
        this.serviceRendered = serviceRendered;

    public String getAddress() {
        return address;

    public void setAddress(String address) {
        this.address = address;



Config Keycloak

  1. Create a new realm: “SpringBootKeycloak”
  2. Create a new Client: “login-app”
  3. Create a new user and name it: “adminUser”
  4. Create a new role and name it: “user”
  5. Assign the role “user” to the user “adminUser”

Spring security part

        basePackageClasses = KeycloakSecurityComponents.class,
        excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = ""))
class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
    // Submits the KeycloakAuthenticationProvider to the AuthenticationManager
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
        keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());

    public KeycloakSpringBootConfigResolver KeycloakConfigResolver() {
        return new KeycloakSpringBootConfigResolver();

    // Specifies the session authentication strategy
    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
        return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());

    protected void configure(HttpSecurity http) throws Exception {

Running result

If everything is ok  when you type http://your_id_address:8081 you can see this page

Click customers link and it will show below page:

Type username : adminUser and password adminUser it should lead you to this page below




Leave a Reply

Close Menu