5:03 p.m.
Hello everyone.
I am developing a web application with Angular 2 on the front end, and
jax-rs services on the backend, I also need authorization with user roles
but I have the following problems:
1. The recommendation in the documentation is to establish the angular
customer as public, which means that the authorization can not go here.
2. If the backend is set as the confidential customer, the service can not
be consumed from angular 2 with the barer symbol.
3. If the backend is configured as a barer only client, the roles are not
validated on the authorization defined in keycloak.
Can you help me find a better configuration for this environment?
Thank you all.
Gaalvarez.
3:43 a.m.
Hi,
Same scenario for me but with spring as backend and I use two separates
realm clients:
- the website client is "public" to allow login + page management by using
the user's realm role
- the backend client is "confidential" with resources
authorization/management
From the app, accessing a protected resource is a 3 steps process :
try to
access to the protected resources with the token obtained during login, if
denied by the backend, using the returned WWW-Authenticate header to get an
updated access token from the authorization service, access the protected
resource with the new token.
I guess it is not possible to get a better conf if you need a fine grained
authz
--
View this message in context:
http://keycloak-user.88327.x6.nabble.com/keycloak-user-JAX-RS-Backend-Ser...
Sent from the keycloak-user mailing list archive at Nabble.com.
2856
days inactive
2857
days old
1 comments
2 participants
participants (2)
-
ebondu -
Gustavo Alvarez