18 Hands-on: An OAuth 2 application
This chapter covers
- Configuring Keycloak as an Authorization Server in your OAuth 2 system.
- Using Global Method Security in an OAuth 2 Resource Server.
In chapters 12 to 15, we discussed in detail how an OAuth 2 system works and how you implement it with Spring Security. We then changed the subject, and in chapters 16 and 17, you learned how to apply authorization rules at any layer of your application using Global Method Security. In this chapter, we’ll combine these two essential subjects, and we’ll apply Global Method Security within an OAuth 2 Resource Server.
Besides defining authorization rules at different layers of our Resource Server implementation, you’ll also learn how to use a tool named Keycloak as the Authorization Server for your system. The example we’ll work on this chapter will be helpful for you for the following reasons: