Securing Vaadin 8 spring boot application with keycloak (OpenId)

Hello Vaadin fans,

i am trying to find a tutorial to secure our vaadin 8 applications with keycloak as temporary solution until we can migrate to vaadin 24

we have following stack:

  • vaadin 8.20 with extended maintenance
  • spring boot 2.7.x
  • java 17
  • keycloak 21.1.2

Since Vaadin 8 is deprecated its kinda hard to find a proper tutorial how to configure the spring boot application to make it work with keycloak.

there are several questions

  • which dependencies are required for this setup ?
  • how to configure the SecurityConfig
    • use a SecurityFilterChain Bean or override the “configure” method?
    • how to configure the HttpSecurity class with for vaadin 8.
    • how to configure the HttpSecurity class to make it work with keycloak openId

Any suggestions which point to the right direction are appreciated.

If you have extended maintenance support, it’s probably easier for you to ask the Expert Chat for help. They should have some code example from “the past”