[keycloak-user] CRUD Using KeyCloak
Yasser El-ata
yelata at blulogix.com
Wed Mar 2 08:38:09 EST 2016
Thanks for your fast response
I've another question please is there any third-party application may help
me in this case (provide ACL CRUD) , and can be easily integrated with
KeyCloak ?
On Wed, Mar 2, 2016 at 2:10 PM, Stian Thorgersen <sthorger at redhat.com>
wrote:
> If you have a limited number of screens then it can a good idea to create
> roles for these, and you can just create these a client roles using the
> admin console or admin endpoints. You can use a delimiter in the role name
> to specify the screen (for example 'screen-a/read'. However, if you have a
> large number of screens then the roles approach will quickly become
> unmanageable and you may be better of using an ACL or something in your
> application itself.
>
> What you are asking for is more often implemented as ACLs rather than
> RBAC. RBAC is usually used for things like 'manager' has read/write access
> to a group of resources, rather than 'user-a' has read access to
> 'resource-a'.
>
> On 2 March 2016 at 11:26, Yasser El-ata <yelata at blulogix.com> wrote:
>
>> Hello , i wan't to create CRUD using KeyCloak , i have an angularJS
>> application and it's use KeyCloak
>>
>> My case is : i have screens in my application that contain sub screens
>> and every sub screen contain CRUD roles (CREATE , READ , UPDATE , DELETE) ,
>> it's may contain multi levels
>>
>> the screenshot may make the case more clear
>>
>> the normal client roles is not enough for me or maybe i miss understand
>> some thing
>>
>> could you please help me how to create these roles in KeyCloak , or if
>> KeyCloak is support roles like this or if there is any other way to create
>> them ?
>>
>> Thanks
>>
>> --
>> Yasser El-Ata
>> Java Developer
>> BluLogix
>> 737 Walker Rd Ste 3, Great Falls, VA 22066
>> t: 443.333.4100 | f: 443.333.4101
>> *www.blulogix.com <http://www.blueoss.com/>*
>>
>> The information transmitted is intended only for the person(s) to whom it
>> is addressed and may contain confidential and/or privileged material. Any
>> review, retransmission, dissemination or other use of, or taking of any
>> action in reliance upon, this information by persons or entities other than
>> the intended recipient is prohibited. If you received this in error, please
>> contact the sender and delete the material from any computer.
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
--
Yasser El-Ata
Java Developer
BluLogix
737 Walker Rd Ste 3, Great Falls, VA 22066
t: 443.333.4100 | f: 443.333.4101
*www.blulogix.com <http://www.blueoss.com/>*
The information transmitted is intended only for the person(s) to whom it
is addressed and may contain confidential and/or privileged material. Any
review, retransmission, dissemination or other use of, or taking of any
action in reliance upon, this information by persons or entities other than
the intended recipient is prohibited. If you received this in error, please
contact the sender and delete the material from any computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160302/97330048/attachment-0001.html
More information about the keycloak-user
mailing list