[keycloak-dev] Restricting the scope of admin

Bruno Oliveira bruno at abstractj.org
Tue May 27 07:58:05 EDT 2014


Good morning guys, following the requirements of Push server. We on
AeroGear would like to restrict the scope of Admin.

Following the integration samples here:
https://github.com/keycloak/keycloak/blob/master/project-integrations/aerogear-ups/auth-server/src/main/java/org/aerogear/ups/security/UpsSecurityApplication.java#L32.

The downside of remove the admin is that we can't manage our users anymore (correct me if I'm wrong).
This is not a big deal if you add a new user or update the current admin with the appropriate
permissions. The odd thing is: after login I'm immediately kicked out of KC
admin, probably I'm doing something wrong for sure, but I couldn't figure
out yet.

This is the piece of code being tested:
https://github.com/abstractj/aerogear-unifiedpush-server/commit/4814e75f1e5bfc31919bb51f00623a3948829861#diff-fb1187c03792f02a16e7bb8642ad6052R67

And this is the log file:
https://gist.github.com/abstractj/eb75d6210eb29394d139. It seems like
everything goes well here:
https://gist.github.com/abstractj/eb75d6210eb29394d139#file-log-txt-L5,
but maybe I'm missing the mgmt configuration?
https://gist.github.com/abstractj/eb75d6210eb29394d139#file-log-txt-L7

Thanks in advance.

--

abstractj


More information about the keycloak-dev mailing list