Re: [keycloak-user] Securing dynamic services
We are currently doing a POC on adding authorization services to Keycloak.
In summary what roles can access what URLs, but much more flexible and
powerful than that. That's not going to be ready until sometime next year.
If you're interested you could give that a go, but it's pre-alpha at the
moment, so not something to use in production for sure.
On 21 November 2015 at 01:41, Jose Suero <josephsuero(a)gmail.com> wrote:
i've installed keycloak to secure a software as a service
application that
allow users to create scripts they can run as services, for the
authentication part keycloak works like a charm, users are required to
enter a login and I get their roles and everything.
The idea is to let users create services and roles, and assign them to
users, this all works
The issue i'm having is authorization, since i have no knowledge before
and of what services or roles would be created i can't use Security
Constrains on web.xml or annotations.
Since I have the roles I could write a function that does auhorizations,
but would love for keycloak to do it for me, I'm already passing realms to
keycloak as the multi-tenant example, is there any way I could assign urls
to roles I create so keycloak checks where or not I can access that url?
thanks in advance
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 2.1 KB)