6:39 p.m.
Hi I'm developing a web page in angular with keycloak for autorization.
I followed this example
https://github.com/keycloak/keycloak/tree/master/examples/demo-template/a...
and it works pretty well.
Now I want to secure only part of my application. Is there any way to
achieve this behavior.
Thanks in advance
Jorge A.
9:57 a.m.
Hi,
In the example, the angular is bootstrapped after the keycloak
authentication is properly finished. It's also because keycloak
authentication requires redirection of browser to KC and then
redirecting back to the app. Theoretically you can combine it that
keycloak authentication flow is called just when user visits some
"secured" URL of your app, but still after redirecting from KC login
screen back to the app, it will be better if angular is bootstrapped
after keycloak authentication is finished (so in the "success" callback
from keycloak.init call as it's done in the example).
Also note that there is no authorization in the JS application itself.
The secured part are rest endpoints, which are secured by Bearer token
obtained from the authentication of JS application. This is done in
authInterceptor, which adds the bearer token to REST requests.
Marek
On 5.2.2015 18:39, Jorge Dario Arias Lopez wrote:
Hi I'm developing a web page in angular with keycloak for
autorization.
I followed this example
https://github.com/keycloak/keycloak/tree/master/examples/demo-template/a...
and it works pretty well.
Now I want to secure only part of my application. Is there any way to
achieve this behavior.
Thanks in advance
Jorge A.
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
3366
days inactive
3367
days old
1 comments
2 participants
participants (2)
-
Jorge Dario Arias Lopez -
Marek Posolda