diff --git a/goofy-client/apps/goofy/src/app/app.component.ts b/goofy-client/apps/goofy/src/app/app.component.ts
index abbf0f8f5dc68cbb051b1f74c178667692a1e1de..76e2d04050c513522b3ca43843628bcf064b96cf 100644
--- a/goofy-client/apps/goofy/src/app/app.component.ts
+++ b/goofy-client/apps/goofy/src/app/app.component.ts
@@ -8,6 +8,7 @@ import { JwksValidationHandler } from 'angular-oauth2-oidc-jwks';
 import { NavigationEnd, Router } from '@angular/router';
 import { filter } from 'rxjs/operators';
 import { ENVIRONMENT_CONFIG } from '@goofy-client/environment-shared';
+import { Environment } from 'libs/environment-shared/src/lib/environment.model';
 
 @Component({
 	selector: 'goofy-client-root',
@@ -17,27 +18,6 @@ import { ENVIRONMENT_CONFIG } from '@goofy-client/environment-shared';
 export class AppComponent implements OnInit, OnDestroy {
 	title = 'goofy';
 
-	authConfig: AuthConfig = {
-		// Url of the Identity Provider
-		//issuer: this.envConfig.authServer + '/realms/sh-kiel',
-		//issuer: 'http://localhost:8088/auth/realms/ozg',
-		issuer: 'https://sso.ozg-sh.de:443/auth/realms/sh-kiel',
-
-		// URL of the SPA to redirect the user to after login
-		redirectUri: window.location.origin + window.location.pathname,
-
-		// URL of the SPA to redirect the user after silent refresh
-		silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html',
-
-		// The SPA's id. The SPA is registerd with this id at the auth-server
-		clientId: 'goofy',
-
-		// set the scope for the permissions the client should request
-		// The first three are defined by OIDC. The 4th is a usecase-specific one
-		scope: 'openid profile email',
-		requireHttps: false
-	};
-
 	apiRoot$: Observable<StateResource<ApiRootResource>>;
 	subscriptions = new Subscription();
 
@@ -48,7 +28,7 @@ export class AppComponent implements OnInit, OnDestroy {
 		private router: Router,
 		private navigationService: NavigationService,
 		private oAuthService: OAuthService,
-		@Inject(ENVIRONMENT_CONFIG) private envConfig,
+		@Inject(ENVIRONMENT_CONFIG) private envConfig: Environment,
 	) {
 		this.iconService.registerIcons();
 	}
@@ -69,12 +49,37 @@ export class AppComponent implements OnInit, OnDestroy {
 	}
 
 	private configureWithNewConfigApi() {
-		this.oAuthService.configure(this.authConfig);
+		this.oAuthService.configure(this.buildConfiguration());
 		this.oAuthService.setupAutomaticSilentRefresh();
 		this.oAuthService.tokenValidationHandler = new JwksValidationHandler();
 		this.oAuthService.loadDiscoveryDocumentAndLogin().then(() => {
 			this.apiRoot$ = this.apiRootService.getApiRoot();
 		});
 	}
+
+	private buildConfiguration(): AuthConfig {
+		const authConfig: AuthConfig = {
+			// Url of the Identity Provider
+			//issuer: this.envConfig.authServer + '/realms/sh-kiel',
+			//issuer: 'http://localhost:8088/auth/realms/ozg',
+			issuer: this.envConfig.authServer + '/realms/' + this.envConfig.realm,
+
+			// URL of the SPA to redirect the user to after login
+			redirectUri: window.location.origin + window.location.pathname,
+
+			// URL of the SPA to redirect the user after silent refresh
+			silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html',
+
+			// The SPA's id. The SPA is registerd with this id at the auth-server
+			clientId: 'goofy',
+
+			// set the scope for the permissions the client should request
+			// The first three are defined by OIDC. The 4th is a usecase-specific one
+			scope: 'openid profile email',
+			requireHttps: false
+		};
+
+		return authConfig;
+	}
 }
 
diff --git a/goofy-client/apps/goofy/src/environments/environment.ts b/goofy-client/apps/goofy/src/environments/environment.ts
index ac43653f6554a95eabed1752cd2fb674445b8099..0357c0e76ba542b936efb455696b3a3a30501a22 100644
--- a/goofy-client/apps/goofy/src/environments/environment.ts
+++ b/goofy-client/apps/goofy/src/environments/environment.ts
@@ -2,9 +2,12 @@
 // `ng build --prod` replaces `environment.ts` with `environment.prod.ts`.
 // The list of file replacements can be found in `angular.json`.
 
+import { isFakeMousedownFromScreenReader } from '@angular/cdk/a11y';
+import { Environment } from 'libs/environment-shared/src/lib/environment.model';
+
 export const environment = {
 	production: false,
-	environmentUrl: null,
+	environmentUrl: null
 };
 
 /*
diff --git a/goofy-client/libs/environment-shared/src/lib/environment.model.ts b/goofy-client/libs/environment-shared/src/lib/environment.model.ts
index 69161ba37497610345513e8941b126a4182fb7ca..7362d346ed9d3946f7036852ab59f45d4866a061 100644
--- a/goofy-client/libs/environment-shared/src/lib/environment.model.ts
+++ b/goofy-client/libs/environment-shared/src/lib/environment.model.ts
@@ -3,6 +3,6 @@ import { ResourceUri } from '@ngxp/rest/lib/resource.model';
 export interface Environment {
 	production: boolean,
 	remoteHost: ResourceUri,
-	authServier: String,
+	authServer: String,
 	realm: String
 }
\ No newline at end of file
diff --git a/goofy-client/libs/environment-shared/test/environment.ts b/goofy-client/libs/environment-shared/test/environment.ts
index cc2087783f95d60e5737c1f0c0e6d424d8936342..7c99ef741d926fbf2da566681983686e5d00c82c 100644
--- a/goofy-client/libs/environment-shared/test/environment.ts
+++ b/goofy-client/libs/environment-shared/test/environment.ts
@@ -7,7 +7,7 @@ const baseUrl = faker.internet.url();
 const environment: Environment = {
 	production: false,
 	remoteHost: baseUrl,
-	authServier: faker.internet.url(),
+	authServer: faker.internet.url(),
 	realm: faker.random.word()
 };
 
diff --git a/goofy-server/src/main/resources/application.yml b/goofy-server/src/main/resources/application.yml
index b7c8437d547d9787671e54cae3afb292c8c70ec4..bf020734f12baa7c26f931c63412ba6b25106cba 100644
--- a/goofy-server/src/main/resources/application.yml
+++ b/goofy-server/src/main/resources/application.yml
@@ -1,7 +1,9 @@
 logging:
   level:
     ROOT: WARN
-    '[de.itvsh]': INFO
+    '[de.itvsh]': INFO,
+    '[org.springframework.security]': WARN
+    '[org.keycloak.adapters]': WARN
 
 spring:
   application:
@@ -34,11 +36,8 @@ grpc:
       
 keycloak:
   auth-server-url: http://localhost:8088/auth
-  realm: sh-kiel
+  realm: sh-kiel-dev
   resource: goofy
   principal-attribute: preferred_username
   public-client: true
-  security-constraints[0]:
-    authRoles[0]: user
-    securityCollections[0]:
-      patterns[0]: /*
+
diff --git a/pom.xml b/pom.xml
index 8620ce3de24feddb760b092dcfa7fd347fb0b069..45161403202aa4eb9c95170146f152ab0fb3ffcf 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,7 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-		<java.version>15</java.version>
+		<java.version>11</java.version>
 
 		<spring.boot.version>2.4.2</spring.boot.version>