You still have to configure Spring Security using Keycloak. See the documentation for an annotation based configuration. Once that's set up your another annotations will work. <br><br>PS - make sure to follow Spring Security naming conventions for roles. For the example above that would be ROLE_ADMIN<br><div class="gmail_quote"><div dir="ltr">On Fri, Jan 1, 2016 at 4:44 AM Andrey Saroul <<a href="mailto:andrey.saroul@gmail.com">andrey.saroul@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello! I'm just a begginer in Spring Security, but I would like to know is it possible to configure keycloak in a way that I can use @PreAuthorize, @PostAuthorize, @Secured and other annotations.<div>For example, I've configured the keycloak-spring-security-adapter and Spring Security in my simple Spring Rest webapp so that I have access to Principal object in my controller, like this:</div><div><div><br></div><div>@RestController</div><div>public class TMSRestController {</div><div><br></div><div> @RequestMapping("/greeting")<br></div><div> public Greeting greeting(Principal principal, @RequestParam(value="name") String name) {</div><div> return new Greeting(String.format(template, name));</div><div> }</div></div><div>...</div><div>}</div><div><br></div><div>But when I try this (just an example, actually I want to execute custom EL expression before authorization):</div><div><br></div><div><div><div>@RestController</div><div>public class TMSRestController {</div><div><br></div><div> @RequestMapping("/greeting")<br></div><div> @PreAuthorize("hasRole('ADMIN')")</div><div> public Greeting greeting(Principal principal, @RequestParam(value="name") String name) {</div><div> return new Greeting(String.format(template, name));</div><div> }</div></div><div>...</div><div>}</div></div><div><br></div><div>... I get exception: org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext</div><div><br></div><div>What do I need to make this spring security annotations work?</div></div>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote></div>