Please, can you describe your solution with more details? I solved my issue by: 1. Creating a custom KeycloakAuthenticationEntryPoint to redirect to /RootContext/{realmName}/sso/login. How do i do that? I can create a custom KeycloakAuthenticationEntryPoint (NewKeycloakAuthenticationEntryPoint) and set it in the keycloak xml config file: <bean id="keycloakAuthenticationEntryPoint" class="org.myApp.NewKeycloakAuthenticationEntryPoint"> <constructor-arg name="adapterDeploymentContext" ref="adapterDeploymentContext" /> </bean> Then? How do i do to redirect to /RootContext/{realmName}/sso/login ? 2. Overrode the keycloakAuthenticationProcessingFilter method in the KeycloakWebSecurityConfigurerAdapter implementation to change the AntPathRequestMatcher to match. How do you do to specified that? I can create a new class NewKeycloakWebSecurityConfigurerAdapter and override the method keycloakAuthenticationProcessingFilter as you describe, but i don't understand how i set that class for use it when the app is running. Do i have to set it in the keycloak config xml file ? ------------------------------ Mattia Bello Developer Horsa S.p.A. Via Cadorna, 67 Vimodrone (MI) Mobile (+39) 347 37 64 875 www.horsa.it