Re: [keycloak-user] Anonymous access to scoped resources
Hi,
Pedro Igor Silva wrote
If I understood your use case correctly, you don't want to
change
deployment descriptors (web.xml or spring security chain) to mark those
resources as public because the decision if a resource is public or not is
dynamic, determined by a permission associated with the anonymous policy.
Am I correct ? So users can decide whether a resource + scope can be
accessed without forcing authentication ?
Yes, exactly.
As you said, I have a specific endpoint to serve these "public" resources,
so I will create the filter.
The code will be inspired from the existing filter but I can't reuse it out
of the box. I can share it if you think it is valuable for the community.
Regards,
Emilien
--
View this message in context:
http://keycloak-user.88327.x6.nabble.com/Anonymous-access-to-scoped-resou...
Sent from the keycloak-user mailing list archive at Nabble.com.