I'm investigating the possibility of securing my application with keycloak
using both Authentication and Authorization.
I was wondering if I can check ownership of a resource (i.e. a picture in a
database) with keycloak policies.
I see there is an example in the documentation using a Drools Policy which
checks the ownership of the resource, but that is limited to the client
being the owner of the resource.
What i'd like to accomplish is to see if userA has access to documentA. Can
the drools engine query a database to fetch the required dataField or is
there another approach for this to be done?
Thanks for any pointers...
/Richard