Securing REST Endpoint of Spring Boot App on Tomcat Container - keycloak-authz-client way

Has anyone here had success in running the example app-authz-rest-springboot on a Tomcat container?

My issue is

  1. Once deployed to the Tomcat container (install the adapters to Tomcat, make the application a web app using web.xml, and secure the paths with roles (realm roles)), all the APIs are secured with the client roles, and realm roles are dynamic (realm roles are composites of client roles).
  2. I can go with the OpenID adapter, but the issue here is that I need to send the roles (realm/client roles) in the token, which we do not want to do.

The above example works for my requirement (unfortunately, no luck in deploying to the Tomcat container):

  1. There is no need to set the roles in the access/id token.
  2. The endpoint is secured by Keycloak, and every API call is authorized by the Keycloak server. (We do not have an issue with the overhead of calling the Keycloak server for every API request.)

Any suggestions are appreciated. Thanks.