Upgrading Keycloak - Spring Security setup from Keycloak 4.8.3.Final to Keycloak 8.0.1

Upgrading Keycloak - Spring Security setup from Keycloak 4.8.3.Final to Keycloak 8.0.2.

A small change is needed on the application side to upgrade from Keycloak 4.8.3 to 8.0.2, and it’s due to a bug (KEYCLOAK-11282).

Now, you need to specify a KeycloakSpringBootConfigResolver bean (KeycloakConfigResolver is not enough), and this cannot be specified inside the same @Configuration class as where you have @KeycloakConfiguration.

@Configuration
public class KeycloakConfig {

    @Bean
    public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
        return new KeycloakSpringBootConfigResolver();
    }
}

This issue is fixed in Keycloak 9, so you could put it back with your other Keycloak configuration when you upgrade, but I advise against it. The reason is that if you ever want to switch your embedded servlet container to, for example, Undertow, you will get vague errors on startup while creating Spring MVC beans (Caused by: java.lang.IllegalStateException: No ServletContext set). This is due to a circular dependency. This does not happen when the KeycloakSpringBootConfigResolver bean is in another @Configuration class.

You can remove the HttpSessionManager Bean with @ConditionalOnMissingBean on it. No other changes were required to update up to Keycloak 11.0.3.