[keycloak-user] Keycloak authorization support for spring boot.

[Rong -]

Hi,

I am trying to set up a keycloak as an independent server for authorization purpose. Our rest API service is built on spring boot, implemented as a resource server as for "policy enforcer". However, I have many issues when trying to set this up.

1. spring boot works fine if I only set up the security constraints(for rest api) in configuration file. But I want to enable policy enforcer for spring boot, is this possible? Is there some example for how to enable policy enforcer in spring boot, especially for how to set up those parameters?
2. We also want to have an access control list of which user can access which project, I have set up a "user policy" in keycloak admin console in client's "authorization", whet else shall we do in spring boot configuration?
3. If I enable policy enforcer in authorization layer (in spring boot), is it still required to add the security constraints in spring boot's application properties? I assume if authorization is enabled for resource server and the web service/URL constraints are added in resource server's policy, there should be no further settings in configuration for the security constraints?

Thanks,
Rong