[keycloak-user] keycloak.json configuration - link between resource attribute and Keycloak client
Marc Destefanis
marc.destefanis at easytrust.com
Wed Aug 9 03:57:25 EDT 2017
Hi,
I don't understand how the < resource > attribute from the keycloak.json is bound to a client. I explain the case I face :
In my WAR I have a keycloak.json which contains the value < WS > on the < resource > attribute.
I've previously created a < GUI > client that allows me to generate a token and a < WS > client with a bearer-only access type that I use to secure my WARs.
Everything works fine, my WARs are secured and I'm able to request the web services with the token generated with the GUI client.
BUT,
If I change the < resource > attribute value with a client name which doesn't exist it still works.
I can set the < resource > attribute to < anyThing > or < oneTwoThree > etc and it still works even if I didn't create these clients.
I was expecting an error like < the client oneTwoThree doesn't exist > or something else when I request a web service secured in a WAR with a non existing resource value in the keycloak.json file.
Is it a normal behavior ?
Do I misunderstood something or do I have an issue ?
Regards,
Marc Destefanis.
More information about the keycloak-user
mailing list