It took me a while to achieve this, I think someone will need it
@KeycloakConfiguration
class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {@Bean
public FilterRegistrationBean corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration().applyPermitDefaultValues();
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
}@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.addFilter(corsFilter().getFilter())...
.anyRequest().authenticated()}}