[keycloak-user] Add additional rights mapping step to request chain

Bill Burke bburke at redhat.com
Mon Jun 9 15:11:09 EDT 2014


For "rights" you mean user role mappings?  I'd have to create an SPI for 
that.

FYI, you can't modify the token itself as it is digitally signed.

On 6/9/2014 2:51 PM, Boettcher, Jim wrote:
> Hi,
>
> We are using the keycloak-as7-adapter from beta2 and have configured the
> adapter to use bearer token.
>
> We would like to add in some extra processing after the bearer token has
> been validated in order to map user rights for the user identified by
> the bearer token using some proprietary code. This is currently done
> with a custom LoginModule configured for the security-domain of the app.
>
> Can you suggest how we might go about adding this extra rights mapping
> to the request chain after the keycloak adapter has validated the bearer
> token?
>
> Thank you,
>
> Jim
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-user mailing list