<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 10/05/16 15:17, Darren Hartford
wrote:<br>
</div>
<blockquote
cite="mid:379356563.1922580.1462886239492.JavaMail.yahoo@mail.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff;
font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial,
Lucida Grande, sans-serif;font-size:16px">
<div id="yui_3_16_0_ym19_1_1462886037011_5494">Hi all,</div>
<div id="yui_3_16_0_ym19_1_1462886037011_5494">So, Keycloak has
a lot of items around Authentication approaches, but I haven't
seen anything specific around authorization - is that a
different project?</div>
</div>
</blockquote>
We plan to add support for authorization. The prototype and
instructions to try it are here [1] .<br>
<br>
<blockquote
cite="mid:379356563.1922580.1462886239492.JavaMail.yahoo@mail.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff;
font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial,
Lucida Grande, sans-serif;font-size:16px">
<div id="yui_3_16_0_ym19_1_1462886037011_5494"><br>
</div>
<div id="yui_3_16_0_ym19_1_1462886037011_5494" dir="ltr">My
actual question is this - if you have java apps that have <span style="font-size: 9pt; font-family: 'Courier New'; white-space: pre-wrap;" id="yui_3_16_0_ym19_1_1462886037011_5578"><security-role></span><span style="font-size: 9pt; font-family: 'Courier New'; white-space: pre-wrap;" id="yui_3_16_0_ym19_1_1462886037011_5592"><role-name>role1</role-name></span><span style="font-size: 9pt; font-family: 'Courier New'; white-space: pre-wrap;" id="yui_3_16_0_ym19_1_1462886037011_5622"></security-role> or are using @DeclareRoles, is there a mechanism where the application/SP can *register* with the PDP with those roles, rather than copy-pasting into those different IAM/PDP solutions?</span></div>
</div>
</blockquote>
We have client registration documented here [2] , but not sure if it
has support for register client roles into Keycloak based on roles
declared in web.xml. Probably not (and not sure if it's even
realistic to add that).<br>
<br>
[1]
<a class="moz-txt-link-freetext" href="https://github.com/pedroigor/keycloak/blob/KEYCLOAK-2753/authz/README.md">https://github.com/pedroigor/keycloak/blob/KEYCLOAK-2753/authz/README.md</a><br>
[2]
<a class="moz-txt-link-freetext" href="http://keycloak.github.io/docs/userguide/keycloak-server/html/client-registration.html">http://keycloak.github.io/docs/userguide/keycloak-server/html/client-registration.html</a><br>
<br>
Marek<br>
<blockquote
cite="mid:379356563.1922580.1462886239492.JavaMail.yahoo@mail.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff;
font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial,
Lucida Grande, sans-serif;font-size:16px">
<div id="yui_3_16_0_ym19_1_1462886037011_5494" dir="ltr"><span style="font-size: 9pt; font-family: 'Courier New'; white-space: pre-wrap;">
</span></div>
<div id="yui_3_16_0_ym19_1_1462886037011_5494" dir="ltr"><span style="font-size: 9pt; font-family: 'Courier New'; white-space: pre-wrap;">thanky!</span></div>
<div id="yui_3_16_0_ym19_1_1462886037011_5494" dir="ltr"><span style="font-size: 9pt; font-family: 'Courier New'; white-space: pre-wrap;">-D</span></div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>