[keycloak-user] Authorization question (maybe not keycloak?)
Marek Posolda
mposolda at redhat.com
Wed May 11 03:49:36 EDT 2016
On 10/05/16 15:17, Darren Hartford wrote:
> Hi all,
> So, Keycloak has a lot of items around Authentication approaches, but
> I haven't seen anything specific around authorization - is that a
> different project?
We plan to add support for authorization. The prototype and instructions
to try it are here [1] .
>
> My actual question is this - if you have java apps that have
> <security-role><role-name>role1</role-name></security-role> or are
> using @DeclareRoles, is there a mechanism where the application/SP can
> *register* with the PDP with those roles, rather than copy-pasting
> into those different IAM/PDP solutions?
We have client registration documented here [2] , but not sure if it has
support for register client roles into Keycloak based on roles declared
in web.xml. Probably not (and not sure if it's even realistic to add that).
[1] https://github.com/pedroigor/keycloak/blob/KEYCLOAK-2753/authz/README.md
[2]
http://keycloak.github.io/docs/userguide/keycloak-server/html/client-registration.html
Marek
> thanky!
> -D
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160511/411df1ea/attachment.html
More information about the keycloak-user
mailing list