[keycloak-user] How to only protect specific paths (SPA)
Sebastien Blanc
sblanc at redhat.com
Thu Oct 12 04:16:05 EDT 2017
On Thu, Oct 12, 2017 at 9:59 AM, Marcel van Tongeren <
mvtongeren at link2control.nl> wrote:
> Hi Mehdi Mehdi,
>
> If I'm correct, keycloak.init( {onLoad: 'login-required'}) should only be
> used for sites that are completely behind authentication/authorization.
> Check out other init options here: http://www.keycloak.org/docs/
> latest/securing_apps/topics/oidc/javascript-adapter.html
+1 , in your case "check-sso" should do the trick
>
>
> To protect only certain paths, you should probably configure the router in
> your SPA framework by adding some sort of 'authenticate' flag to the
> private routes.
> Then you can probably add an extra authentication step to your pipeline
> that checks that flag and if it is set, it should fire the keycloak.login()
> if the user is not authenticated yet.
> If it is not set, then the authentication step can skip the login, because
> it would be a public path.
>
> Good luck!
> Marcel
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list