public void init(final ServletContext servletContext, final Configuration configuration) { Assert.requireNonNull(servletContext, "servletContext"); Assert.requireNonNull(configuration, "configuration"); final KeycloakConfiguration keycloakConfiguration = new KeycloakConfiguration(configuration); if(keycloakConfiguration.isSecurityActive()) { if (LOG.isInfoEnabled()) { keycloakConfiguration.getSecureEndpoints().stream().forEach(e -> { LOG.info("Adding security to the following endpoint: {}", e); }); } this.extractFilter = new KeycloakSecurityContextExtractFilter(); KeycloakConfigResolverImpl.setConfiguration(keycloakConfiguration); final FilterRegistration.Dynamic keycloakSecurityFilter = servletContext.addFilter(SecurityServerConstants.FILTER_NAME, new KeycloakOIDCFilter()); keycloakSecurityFilter.setInitParameter(SecurityServerConstants.KEYCLOAK_CONFIG_RESOLVER_PROPERTY_NAME, KeycloakConfigResolverImpl.class.getName()); keycloakSecurityFilter.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, keycloakConfiguration.getSecureEndpointsArray()); final FilterRegistration.Dynamic keycloakExtractorFilter = servletContext.addFilter(SecurityServerConstants.EXTRACTOR_FILTER_NAME, extractFilter); keycloakExtractorFilter.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*"); } }