I'm trying to integrate my applications with spring boot admin, and they are protected by keycloak. I was successful at this step, however, when configuring the Spring Boot Admin project to authenticate with Keycloak, the application had two ways to log in, spring boot admin and spring boot security, I would like to disable spring boot admin or make Keycloak the only/main authenticator.
Spring Boot Security Login (Keycloak)
Example: https://github.com/alverad-katsuro/spring_boot_admin_sample
To try to solve the problem, I tried to disable the spring boot admin login, but without success, I was tempted to force the url to be redirected to "/" whenever it goes to /login?redirectTo, but this is not something I want to do.
Apparently, what you want is OAuth2 client configuration with login and your app already has a security filter-chain for that.
RTFM: follow the steps described there to update your existing
SecurityFilterChainconfiguration, ignoring what is related to Form login and Basic auth (steps 3 and 4).You should ignore
rememberMeconfiguration too (this is implemented by your authorization server).You'll probably want something a little more elaborated at step 2 (something like
hasAuthority("observability")).