Keycloak Resource Server

Is there any documentation on using hilla with keycloak. In the past i have used keycloak for authentication and authorisation in springboot with angular. There are springboot properties spring.security.oauth2.resourceserver.jwt.issuer-uri and spring.security.oauth2.resourceserver.jwt.jwk-set-uri coupled with the spring-boot-starter-oauth2-resource-server dependency and configuration in the websecurity configuration. allows for the client to request a token from keycloak and pass with each endpoint request. I see some documentation but it seems for an in memory database of users. Many thanks.

Technically it should be pretty much the same as with Flow, as in both cases you do it in Java using Spring Sercurity and extending VaadinWebSecurity, you could check blog like this Secure Your Vaadin App with Keycloak OAuth2 Integration

Thank you, I will give it a go.

Had a go with this approach and as suggested seems to work ok with Hilla. I also came across the following blog showing Hilla showing google oauth https://marcushellberg.dev/tutorial-set-up-google-oauth-in-a-hilla-spring-boot-react-project.

In this example it uses a protected route component to restrict access to views if not authenticated in addition to the oauth login in the vaadinwebsecurity class. Is this necessary? Using the Flow example, views seem to be locked down without any additional coding.

Also do you know if this approach would work in a load balanced situation where connections from the browser are stateless, or is there anything additional that would need configured?

You should be able to configure stateless authentication with Hilla, see here hilla-v2-demo/src/main/java/com/example/application/security/SecurityConfig.java at master · TatuLund/hilla-v2-demo · GitHub