Hi All,
I've had a few questions about doing authorization against Keycloak
roles. For any brave testers out there, I'm interested to get feedback
on an initial implementation of that:
How to:
- Build master of
http://github.com/apiman/apiman-plugins locally (`mvn
clean install`)
- Install the plugin via the UI (or API):
G io.apiman.plugins
A apiman-plugins-keycloak-oauth-policy
V 1.1.1-SNAPSHOT
- Set everything up in Keycloak. For instance, I added an application
mapping role, apiman-service => apiman-gateway-user-role and a realm
role `apiman-realm-role-example`.
- Set up the Keycloak Oauth policy, including the realm and application
mappings you're interested in.
- You might want to disable "Require Transport Security" to make your
testing easier.
I'm interested to hear feedback - does this fulfil your requirements,
are there any additional features that are required?
Regards,
Marc