Hello! I'm just a begginer in Spring Security, but I would like to know is it possible to configure keycloak in a way that I can use @PreAuthorize, @PostAuthorize, @Secured and other annotations.

For example, I've configured the keycloak-spring-security-adapter and Spring Security in my simple Spring Rest webapp so that I have access to Principal object in my controller, like this:

@RestController

public class TMSRestController {

@RequestMapping("/greeting")

public Greeting greeting(Principal principal, @RequestParam(value="name") String name) {

return new Greeting(String.format(template, name));

}

...

}

But when I try this (just an example, actually I want to execute custom EL expression before authorization):

@RestController

public class TMSRestController {

@RequestMapping("/greeting")

@PreAuthorize("hasRole('ADMIN')")

public Greeting greeting(Principal principal, @RequestParam(value="name") String name) {

return new Greeting(String.format(template, name));

}

...

}

... I get exception: org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext

What do I need to make this spring security annotations work?