[Apiman-user] Testing feedback: apiman Oauth2 with Keycloak roles authentication
Marc Savy
marc.savy at redhat.com
Fri Apr 17 05:08:37 EDT 2015
Hi All,
I've had a few questions about doing authorization against Keycloak
roles. For any brave testers out there, I'm interested to get feedback
on an initial implementation of that:
How to:
- Build master of http://github.com/apiman/apiman-plugins locally (`mvn
clean install`)
- Install the plugin via the UI (or API):
G io.apiman.plugins
A apiman-plugins-keycloak-oauth-policy
V 1.1.1-SNAPSHOT
- Set everything up in Keycloak. For instance, I added an application
mapping role, apiman-service => apiman-gateway-user-role and a realm
role `apiman-realm-role-example`.
- Set up the Keycloak Oauth policy, including the realm and application
mappings you're interested in.
- You might want to disable "Require Transport Security" to make your
testing easier.
I'm interested to hear feedback - does this fulfil your requirements,
are there any additional features that are required?
Regards,
Marc
More information about the Apiman-user
mailing list