[keycloak-dev] Authorization in angular
Marek Posolda
mposolda at redhat.com
Fri Feb 6 03:57:30 EST 2015
Hi,
In the example, the angular is bootstrapped after the keycloak
authentication is properly finished. It's also because keycloak
authentication requires redirection of browser to KC and then
redirecting back to the app. Theoretically you can combine it that
keycloak authentication flow is called just when user visits some
"secured" URL of your app, but still after redirecting from KC login
screen back to the app, it will be better if angular is bootstrapped
after keycloak authentication is finished (so in the "success" callback
from keycloak.init call as it's done in the example).
Also note that there is no authorization in the JS application itself.
The secured part are rest endpoints, which are secured by Bearer token
obtained from the authentication of JS application. This is done in
authInterceptor, which adds the bearer token to REST requests.
Marek
On 5.2.2015 18:39, Jorge Dario Arias Lopez wrote:
> Hi I'm developing a web page in angular with keycloak for autorization.
>
> I followed this example
> https://github.com/keycloak/keycloak/tree/master/examples/demo-template/angular-product-app
> and it works pretty well.
>
> Now I want to secure only part of my application. Is there any way to
> achieve this behavior.
>
> Thanks in advance
>
> Jorge A.
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150206/81d83618/attachment-0001.html
More information about the keycloak-dev
mailing list