<div dir="ltr"><div>What I have done is mapped my urls (i.e. resource) to roles in my own app.</div><div><br></div><div>Then I have a security filter that will get the user roles from keycloak and check if the role has access to the urls (i.e. resource). Note my services are JEE.</div><div><br></div><div>I am also very keen if this can be done within keycloak. Stain any pointers to the POC that I can look into to understand the keycloak approach?</div><div><br></div><div>Cheers</div><div>Travis</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, 23 Nov 2015 at 20:46 Stian Thorgersen <<a href="mailto:sthorger@redhat.com">sthorger@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">We are currently doing a POC on adding authorization services to Keycloak. In summary what roles can access what URLs, but much more flexible and powerful than that. That's not going to be ready until sometime next year.<div><br></div><div>If you're interested you could give that a go, but it's pre-alpha at the moment, so not something to use in production for sure.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 21 November 2015 at 01:41, Jose Suero <span dir="ltr"><<a href="mailto:josephsuero@gmail.com" target="_blank">josephsuero@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">i've installed keycloak to secure a software as a service application that allow users to create scripts they can run as services, for the authentication part keycloak works like a charm, users are required to enter a login and I get their roles and everything. <div><br></div><div>The idea is to let users create services and roles, and assign them to users, this all works<br><div><br></div><div>The issue i'm having is authorization, since i have no knowledge before and of what services or roles would be created i can't use Security Constrains on web.xml or annotations.</div></div><div><br></div><div>Since I have the roles I could write a function that does auhorizations, but would love for keycloak to do it for me, I'm already passing realms to keycloak as the multi-tenant example, is there any way I could assign urls to roles I create so keycloak checks where or not I can access that url?</div><div><br></div><div><br></div><div>thanks in advance</div><div><br></div><div><br></div></div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote></div>