Re: [keycloak-user] default permissions
I see, but do I need to use Java/Spring to achieve this, or can I use
NodeJS (as my API server is in NodeJS)?
On Fri, Nov 10, 2017 at 1:51 PM, Emilien Bondu <dev.ebondu(a)gmail.com> wrote:
To achieve this, I implemented a KeycloakAnonymousActionsFilter
filter to
handle requests, associated to an AnonymousActionsHandler (extending the
official AuthenticatedActionsHandler) and an AnonymousPolicyEnforcer (extending
the official AbstractPolicyEnforcer). Do you think this code should be
added to the official spring-adapter ?
Le 10 nov. 2017 à 12:12, Pedro Igor Silva <psilva(a)redhat.com> a écrit :
@Emilien Bondu, I was looking that thread again and now I'm wondering if
you end up with something you can share.
On Fri, Nov 10, 2017 at 9:07 AM, Emilien Bondu <dev.ebondu(a)gmail.com>
wrote:
> Hi,
>
> Maybe you should have a look here :
>
> http://lists.jboss.org/pipermail/keycloak-user/2017-March/009830.html
>
>
> Le 10 nov. 2017 à 11:33, Pedro Igor Silva <psilva(a)redhat.com> a écrit :
>
> Hi,
>
> I think you could probably change your application and remove the
> resources/paths you want to make public from the list of resources
> protected by the adapter.
>
> On Thu, Nov 9, 2017 at 2:06 PM, Corentin Dupont <
> corentin.dupont(a)gmail.com>
> wrote:
>
> Another question: how to apply default authorizations?
>
> I want to protect my API with authorization in Keycloak. However some
> resources should be open to the public, accessible without any bearer
> token.
> My idea was:
> - create an "unregistered_user" composite role, containing some basic
> roles
> - create a "guest" user, with the unregistered_user role
> - on the API server, if there is no token in the request I will get the
> roles of the guest user and user them. If there is a token, I'll use that
> user permissions.
> What do you think of that process?
>
> Thanks
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>