We should hopefully have an early alpha ready in a few weeks.
On 23 November 2015 at 20:45, Travis De Silva <traviskds(a)gmail.com> wrote:
What I have done is mapped my urls (i.e. resource) to roles in my own
app.
Then I have a security filter that will get the user roles from keycloak
and check if the role has access to the urls (i.e. resource). Note my
services are JEE.
I am also very keen if this can be done within keycloak. Stain any
pointers to the POC that I can look into to understand the keycloak
approach?
Cheers
Travis
On Mon, 23 Nov 2015 at 20:46 Stian Thorgersen <sthorger(a)redhat.com> wrote:
> We are currently doing a POC on adding authorization services to
> Keycloak. In summary what roles can access what URLs, but much more
> flexible and powerful than that. That's not going to be ready until
> sometime next year.
>
> If you're interested you could give that a go, but it's pre-alpha at the
> moment, so not something to use in production for sure.
>
> On 21 November 2015 at 01:41, Jose Suero <josephsuero(a)gmail.com> wrote:
>
>> i've installed keycloak to secure a software as a service application
>> that allow users to create scripts they can run as services, for the
>> authentication part keycloak works like a charm, users are required to
>> enter a login and I get their roles and everything.
>>
>> The idea is to let users create services and roles, and assign them to
>> users, this all works
>>
>> The issue i'm having is authorization, since i have no knowledge before
>> and of what services or roles would be created i can't use Security
>> Constrains on web.xml or annotations.
>>
>> Since I have the roles I could write a function that does auhorizations,
>> but would love for keycloak to do it for me, I'm already passing realms to
>> keycloak as the multi-tenant example, is there any way I could assign urls
>> to roles I create so keycloak checks where or not I can access that url?
>>
>>
>> thanks in advance
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user