[keycloak-user] shared UMA 2.0 resource & scope based policies
Pedro Igor Silva
psilva at redhat.com
Wed Jan 16 06:40:27 EST 2019
Basically, I imported the "photoz" realm from that quickstart and removed
everything except the scopes and policies. Then I followed your steps to
reproduce the issue.
On Wed, Jan 16, 2019 at 9:38 AM Pedro Igor Silva <psilva at redhat.com> wrote:
> Here it is.
>
> On Wed, Jan 16, 2019 at 9:30 AM Marek Lindner <mareklindner at neomailbox.ch>
> wrote:
>
>> Hi Pedro,
>>
>> > Which version of Keycloak are you using?
>>
>> I am using 4.8.2 Final (see attached screenshot).
>>
>>
>> > I tried to reproduce the problem using upstream and the evaluation tool
>> > looks correct by reporting only album:view. The same goes if obtaining
>> an
>> > RPT from the token endpoint.
>>
>> Can you share a screenshot of your evaluation tool result ? Does it
>> correctly
>> DENY access ?
>>
>> I can also share my server config json if this helps.
>>
>> Thanks,
>> Marek
>>
>>
More information about the keycloak-user
mailing list