How to manage access java app resources through keycloak admin console only

Hi. I have configured access to the resource through the keycloak console (access type: confidential, auth enabled, permissions configured) I’ve evaluated it in there and it works as I expect. And I have an app with Spring Boot 2.2.0, keycloak 7.0.1. If I config it as in a tutorial, it works. But I don’t want to hardcode the access by roles in keycloakConfiguration or application.yml. I’ve changed the security configuration in my java app, and in this case it checks only rules that I’ve predefined in security configuration (completely ignores keycloak console)
From my point of view, I should manage access only via the admin console.
Is it possible to configure this way?
Where is my mistake?


public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {

public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {

protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());

public ServletListenerRegistrationBean<HttpSessionEventPublisher> httpSessionEventPublisher() {
    return new ServletListenerRegistrationBean<>(new HttpSessionEventPublisher());

protected void configure(HttpSecurity http) throws Exception {