[keycloak-user] Best practice public API Rest (GET Method) Vs Protected
Stian Thorgersen
stian at redhat.com
Mon Apr 20 01:17:13 EDT 2015
Assuming you're securing your paths using web.xml there's http-method-omission which allows omitting specific methods from the secure web collection.
http://docs.oracle.com/cd/E19798-01/821-1841/bncbk/index.html#indexterm-1457
----- Original Message -----
> From: "Sebastien Blanc" <sblanc at redhat.com>
> To: keycloak-user at lists.jboss.org
> Sent: Sunday, April 19, 2015 8:20:49 PM
> Subject: [keycloak-user] Best practice public API Rest (GET Method) Vs Protected
>
> Hi all,
>
> I wonder what would be the best approach, when using Keycloak, to just
> protect POST, PUT and DELETE and keep GET unprotected and ideally using the
> same application path ?
>
> Sebi
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list