Thanks Stian, this is one approach which ties into jboss.
Would it be possible, once authenticated by keycloak, to propagate the
authentication into a spring security context and have spring handle the
role based authorization?
I am not suggesting using spring-security keycloak's adapter, but using the
spring security framework to do the authorization behind the scenes.
Has anyone done this crazy setup? Does anyone have a pointer on this?
Thanks
You can do this with the regular EAP7 adapter, but you need to make sure
the security context is propagated correctly. Check the
https://keycloak.gitbooks.io/securing-client-applications-guide/content/t...
it describes how to do it. Search that page for KeycloakLoginModule to
quickly find it.
On 19 October 2016 at 02:55, java_os <java(a)neposoft.com> wrote:
> Question to the group,
> I want to do method level role based authorization (aka @RolesAllowed)
> with the constraint that I cannot use spring security (broken in jboss
> eap7).
> Has anyone done this? I want to do it by annotations at method level,
> instead of cluttering the code checking the role and sending 403 if role not
> allowed, ugly.
> Thanks