[keycloak-user] Having a policy enforcer and an unsecured endpoint at the same time ?

Wednesday, 26 October 2016

Hi,

I'm trying to help a community member that is having issues to provide a
rest endpoint that do not need authentication but other endpoints are
protected and make use of a policy enforcer.

Looks like it is not possible to have both , is that correct ? The authz
seems to intercept all the request (as mentioned in the documentation) and
even by setting the enforcement to "permissive" it fails for this
unprotected endpoint.

For reference : https://issues.jboss.org/browse/KEYCLOAK-3799

(There are other issues in this ticket like configuring authz for
SpringBoot but this is another problem to have to be solved separately)

Sebi

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

[keycloak-user] Having a policy enforcer and an unsecured endpoint at the same time ?