diff --git a/spring-boot-modules/spring-boot-keycloak-2/pom.xml b/spring-boot-modules/spring-boot-keycloak-2/pom.xml
index a119a09561..8b1eec2e4e 100644
--- a/spring-boot-modules/spring-boot-keycloak-2/pom.xml
+++ b/spring-boot-modules/spring-boot-keycloak-2/pom.xml
@@ -17,18 +17,6 @@
../../parent-boot-2
-
-
-
- org.keycloak.bom
- keycloak-adapter-bom
- ${keycloak-adapter-bom.version}
- pom
- import
-
-
-
-
org.springframework.boot
@@ -39,8 +27,12 @@
spring-boot-starter-security
- org.keycloak
- keycloak-spring-boot-starter
+ org.springframework.boot
+ spring-boot-starter-oauth2-resource-server
+
+
+ org.springframework.boot
+ spring-boot-starter-oauth2-client
org.springframework.boot
@@ -58,8 +50,4 @@
-
- 15.0.2
-
-
\ No newline at end of file
diff --git a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakConfiguration.java b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakConfiguration.java
deleted file mode 100644
index a9a2ea6a18..0000000000
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakConfiguration.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package com.baeldung.disablingkeycloak;
-
-import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class KeycloakConfiguration {
-
- @Bean
- public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
- return new KeycloakSpringBootConfigResolver();
- }
-}
diff --git a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakSecurityConfig.java b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakSecurityConfig.java
index d48c99d8fd..f5837ba2a5 100644
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakSecurityConfig.java
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/java/com/baeldung/disablingkeycloak/KeycloakSecurityConfig.java
@@ -1,38 +1,42 @@
package com.baeldung.disablingkeycloak;
-import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
-import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
+import org.springframework.security.core.session.SessionRegistryImpl;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
-@KeycloakConfiguration
+@Configuration
+@EnableWebSecurity
@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "true", matchIfMissing = true)
-public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
+public class KeycloakSecurityConfig {
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) {
- auth.authenticationProvider(keycloakAuthenticationProvider());
+ @Bean
+ protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
+ return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
@Bean
- @Override
- protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
- return new NullAuthenticatedSessionStrategy();
- }
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- super.configure(http);
-
+ public SecurityFilterChain filterChain1(HttpSecurity http) throws Exception {
http.csrf()
.disable()
- .authorizeRequests()
- .anyRequest()
- .authenticated();
+ .authorizeHttpRequests(auth -> auth.anyRequest()
+ .authenticated());
+ http.oauth2Login();
+ http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
+ return http.build();
+ }
+
+ @Bean
+ public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
+ return http.getSharedObject(AuthenticationManagerBuilder.class)
+ .build();
}
}
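Review bot: `http.csrf().disable()` in `filterChain1` is kept while the same chain now enables `http.oauth2Login()`, so browser users get a session cookie with no CSRF protection on state-changing requests. The removed setup was bearer-only with `NullAuthenticatedSessionStrategy`, where disabling CSRF was harmless. I would drop the `.csrf().disable()` call and start the chain with `http.authorizeHttpRequests(auth -> auth.anyRequest().authenticated());`. As far as I know the resource-server configurer already exempts requests carrying a bearer token from CSRF checks, but that should be confirmed against the Spring Security version in use. Separately, the `sessionAuthenticationStrategy()` bean is not referenced anywhere in the visible chain, so it is unclear whether `RegisterSessionAuthenticationStrategy` is ever applied; either wire it in through `sessionManagement` or remove it.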
diff --git a/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application-disabling-keycloak.properties b/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application-disabling-keycloak.properties
deleted file mode 100644
index 21263cf725..0000000000
--- a/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application-disabling-keycloak.properties
+++ /dev/null
@@ -1,7 +0,0 @@
-# Keycloak authentication is enabled for production.
-keycloak.enabled=true
-keycloak.realm=SpringBootKeycloak
-keycloak.auth-server-url=http://localhost:8180/auth
-keycloak.resource=login-app
-keycloak.bearer-only=true
-keycloak.ssl-required=external
diff --git a/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application.properties b/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application.properties
new file mode 100644
index 0000000000..1f08eac234
--- /dev/null
+++ b/spring-boot-modules/spring-boot-keycloak-2/src/main/resources/application.properties
@@ -0,0 +1,10 @@
+server.port=8081
+keycloak.enabled=true
+
+spring.security.oauth2.client.registration.keycloak.client-id=login-app
+spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
+spring.security.oauth2.client.registration.keycloak.scope=openid
+spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8080/realms/SpringBootKeycloak
+spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
+
+spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8080/realms/SpringBootKeycloak
\ No newline at end of file
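Review bot: The resource-server setting on the last property line validates only the issuer, so any access token issued by the `SpringBootKeycloak` realm is accepted, including tokens minted for other clients in that realm. If the Spring Boot version behind `parent-boot-2` supports it, add an audience restriction such as `spring.security.oauth2.resourceserver.jwt.audiences=login-app` (the value must match what Keycloak actually puts in `aud`), or register a `JwtDecoder` with an audience validator. Both `issuer-uri` values also use plain `http`, which is fine on localhost but elsewhere would fetch discovery metadata and signing keys over an unauthenticated channel; a comment such as `# local development only - use https outside localhost` would make that explicit. The removed profile file carried `keycloak.ssl-required=external`, and nothing visible here replaces it.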