[keycloak-user] policy enforcer without content path

uğur kolip ugur.kolip at gmail.com
Fri Dec 23 10:50:04 EST 2016


Also
(i enable authorization , both of emails)
When i use server.host , i get forbidden too. I don't understand why get
this
my application.properties like

server.port = 16085
server.host : example.com
server.contextPath= /photoz-restful-api


keycloak.realm = photoz
keycloak.auth-server-url = http://example.com:16090/auth
keycloak.ssl-required = none
keycloak.resource = photoz-restful-api
keycloak.credentials.secret = secret
keycloak.cors = true

keycloak.securityConstraints[0].securityCollections[0].name = All admin
keycloak.securityConstraints[0].securityCollections[0].authRoles[0] = admin
keycloak.securityConstraints[0].securityCollections[0].authRoles[1] = user
keycloak.securityConstraints[0].securityCollections[0].patterns[0] =
/admin/*
keycloak.securityConstraints[1].securityCollections[0].name = All
keycloak.securityConstraints[1].securityCollections[0].patterns[0] = /*

keycloak.policy-enforcer-config.enforcement-mode = ENFORCING

2016-12-23 15:23 GMT+03:00 uğur kolip <ugur.kolip at gmail.com>:

> Hi
>
> i use keycloack 4.5.0.Final with spring boot adapter.
> When there isn't context path , i get 403 forbidden error. (message:"Could
> not find a configuration for path [/getRoles/alice]."
> path:"/admin/getRoles/alice" )
>
> do we have to add contextPath ? do i do something wrong ? or is it bug ?
>
> if we don't , path be wrong,
>
> My opinion because of these :
> In AbstractPolicyEnforcer class(keycloak-adapter-core) , there are
> String pathInfo = URI.create(request.getURI()).getPath().substring(1);
>                 String path = pathInfo.substring(pathInfo.indexOf('/'),
> pathInfo.length());
>
> Thank you for helping
>


More information about the keycloak-user mailing list