[keycloak-user] Need help configuring security constraints programmatically

[Andrey Saroul]

Hello, I'm trying to configure security for simple Spring Rest Webapp and
Keycloak.
I've configured Keycloak server 1.7.0.Final on WildFly 9.0.2 (created
realms, clients, roles, etc.). And it works just fine.
Then I created simple Spring Rest App (boot-less) to test Keycloak security
login. I generated keycloak.json file and put it in my WEB-INF folder.
Then I configured web.xml and Spring dispatcher-servlet.xml. And finally
created annotation driven security config.

protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    http.authorizeRequests().antMatchers("/*").hasRole("tms-rest");
}

But when I try to test my web app in browser it does not redirect me to
keycloak login page. I made it work when I configured security-constraint
in web.xml.

<security-constraint>
    <web-resource-collection>
        <web-resource-name>tms</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>tms-rest</role-name>
    </auth-constraint>
</security-constraint>

<security-role>
    <role-name>tms-rest</role-name>
</security-role>


It seems to me that Spring isn't picking up my security rules from security
config bean. Is there any suggestion what am I doing wrong?
And how to be able to set config programmatically?

My app source is in attachment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151231/26059213/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rest-app.zip
Type: application/zip
Size: 6348 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20151231/26059213/attachment.zip