Spring Boot Web

import org.springframework.http.ResponseEntity; import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.core.oidc.user.OidcUser; import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.stereotype.Component; import org.springframework.web.client.RestTemplate; import org.springframework.web.util.UriComponentsBuilder; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @Slf4j @Component public class KeycloakLogoutHandler implements LogoutHandler { private final RestTemplate restTemplate = new RestTemplate(); @Override public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { OidcUser user = (OidcUser) authentication.getPrincipal(); String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout"; UriComponentsBuilder builder = UriComponentsBuilder .fromUriString(endSessionEndpoint) .queryParam("id_token_hint", user.getIdToken().getTokenValue()); ResponseEntity<String> logoutResponse = restTemplate.getForEntity(builder.toUriString(), String.class); if (!logoutResponse.getStatusCode().is2xxSuccessful()) { log.error("Unable to logout user"); } } }

Include Webjars-Locator in pom.xml: <dependency> <groupId>org.webjars</groupId> <artifactId>webjars-locator</artifactId> </dependency> Don’t extend WebMvcConfigurerAdapter Don’t use @EnableWebMvc No leading slash for JS/CSS links with Thymeleaf: <script th:src="@{webjars/jquery/jquery.min.js}" type="text/javascript" ></script> Omit version number in JS/CSS links