I’m registering a KeycloakOIDCFilter in front of a servlet within an OSGI container to protect a rest-api. Authentication via token and subsequent usage of the api works fine.
Now everytime I UNAUTHENTICATED connect to a protected resource, the filter redirects me to the login page. For an API this is not what I want. The filter should return with HTTP code 401.
How (resp. where) can I configure the filter to do this? Is this done within keycloak configuration, or at the point I register the filter? I did some research on the webs but could not really find something - a quick link would be enough!