I created the following Jira
https://issues.jboss.org/browse/KEYCLOAK-10367, so we don't miss it.
Authorization services is something that we would like to include in
Gatekeeper.
Regards if there are any other options. Being very honest, I don't know.
On 2019-05-21, Tyler Johnson wrote:
Yeah, that's exactly what I was trying to do.
My goal is to stand up something that sits in front of services and
enforces the authorization I defined in Keycloak so I don't have to include
any authorization logic or use any keycloak adapters in the services
themselves. It sounds like gatekeeper doesn't have that functionality
though. Are there any other options around that?
On Tue, May 21, 2019 at 8:15 AM Bruno Oliveira <bruno(a)abstractj.org> wrote:
> It seems to me that you're trying to use authorization services with
> Gatekeeper (I can be wrong). If that's the case, unfortunatelly that's
> not supported yet. But certainly something that we might consider in the
> future.
>
> If I guessed it all wrong, please share how you're configuring
> Gatekeeper.
>
> On 2019-05-21, Tyler Johnson wrote:
> > I'm trying to figure out how to use keycloak-gatekeeper with the
> > fine-grained authorization option in Keycloak.
> >
> > I set up the authorization and ran an evaluation within the Keycloak UI
> > that correctly gave DENY for user 'test', but when I use that same
user
> to
> > log in through gatekeeper, it says it's permitted and directs me to
> > upstream.
> >
> > Is there anything I need to enable on gatekeeper side to have it enforce,
> > or any pointers here?
> >
> > Thanks,
> > Tyler
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> >
https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> --
>
> abstractj
>
--
abstractj