I have this Spring Security 6 configuration configured to work with Keycloak server:
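```java
import java.util.Collection;
import java.util.Map;
import java.util.stream.Collectors;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
@EnableMethodSecurity
public class WebSecurityConfig {
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
            .authorizeHttpRequests(registry -> registry
                .requestMatchers("/admin/**").hasRole("ADMIN")
                .requestMatchers("/internal/token").permitAll()
                .anyRequest().authenticated()
            )
            // Map the Keycloak realm roles from the "realm_access" claim to granted authorities.
            .oauth2ResourceServer(oauth2Configurer -> oauth2Configurer.jwt(jwtConfigurer -> jwtConfigurer.jwtAuthenticationConverter(jwt -> {
                Map<String, Collection<String>> realmAccess = jwt.getClaim("realm_access");
                Collection<String> roles = realmAccess.get("roles");
                var grantedAuthorities = roles.stream()
                    .map(role -> new SimpleGrantedAuthority(role))
                    .collect(Collectors.toList());
                return new JwtAuthenticationToken(jwt, grantedAuthorities);
            })));
        return httpSecurity.build();
    }
}
```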
This code works well, but I need to have a URL configured for free access.
I tried to add `.requestMatchers("/internal/token").permitAll()` so that I can use it without authentication.
I always get 401 Unauthorized when I use Postman to POST a request, and in the logs I get:
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://locahost:4000/realms/my_realm/protocol/openid-connect/certs": locahost:4000
It looks like the above configuration is not allowed. Do you know how I can properly configure this?
Do I need to add something else to the above configuration? I can't find a solution here https://docs.spring.io/spring-security/reference/getting-spring-security.html which can be useful in my case.
Comment From: sjohnr
Thanks for getting in touch @rcbandit111, but it feels like this is a question that would be better suited to Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add a minimal sample that reproduces this issue if you feel this is a genuine bug.
Having said that, have you enabled trace logging (`logging.level.org.springframework.security=trace`) to see what's going on in the filter chain? Please post the results to Stack Overflow and I'll be happy to help.
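
Added example, not part of the original thread and not the Spring Security project's own code: in Spring Security a request that carries an `Authorization: Bearer` header is validated by the resource server's bearer token filter before `permitAll()` is evaluated, so one way to keep `/internal/token` independent of the JWK set endpoint is a separate filter chain without `oauth2ResourceServer`. The class and bean names are hypothetical, and disabling CSRF assumes the endpoint is called only by non-browser clients without a cookie session.

```java
import java.util.Collection;
import java.util.List;
import java.util.Map;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SplitChainSecurityConfig { // hypothetical class name

    // Chain 1: only /internal/token. No oauth2ResourceServer() here, so no bearer
    // token filter is installed and a stale or malformed token cannot cause a 401.
    @Bean
    @Order(1)
    public SecurityFilterChain publicTokenChain(HttpSecurity http) throws Exception {
        http.securityMatcher("/internal/token")
            .authorizeHttpRequests(registry -> registry.anyRequest().permitAll())
            // Assumption: non-browser clients only, no cookie session to protect.
            .csrf(csrf -> csrf.disable());
        return http.build();
    }

    // Chain 2: every other path still requires a valid Keycloak-issued JWT.
    @Bean
    @Order(2)
    public SecurityFilterChain apiChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(registry -> registry
                // hasRole("ADMIN") looks for the authority "ROLE_ADMIN".
                .requestMatchers("/admin/**").hasRole("ADMIN")
                .anyRequest().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(jwt -> jwt.jwtAuthenticationConverter(token -> {
                // Same role mapping as the question, guarded against a missing claim.
                Map<String, Collection<String>> realmAccess = token.getClaim("realm_access");
                Collection<String> roles = realmAccess == null
                        ? List.of() : realmAccess.getOrDefault("roles", List.of());
                var authorities = roles.stream().map(SimpleGrantedAuthority::new).toList();
                return new JwtAuthenticationToken(token, authorities);
            })));
        return http.build();
    }
}
```

Requests to any other path still go through JWT validation, so the host name in the configured issuer or JWK set URI must resolve from the application for those to succeed.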