[keycloak-user] method level role based authorization
Stian Thorgersen
sthorger at redhat.com
Wed Oct 19 00:28:46 EDT 2016
You can do this with the regular EAP7 adapter, but you need to make sure
the security context is propagated correctly. Check the
https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/jboss-adapter.html
it describes how to do it. Search that page for KeycloakLoginModule to
quickly find it.
On 19 October 2016 at 02:55, java_os <java at neposoft.com> wrote:
> Question to the group,
> I want to do method level role based authorization (aka @RolesAllowed)
> with the constraint that i cannot use sprig security(broken in jboss
> eap7).
> Anyone has done this ? I want to do it by annotations at method level,
> instead of cluttring the code checking the role and send 403 if role not
> allowed,ugly.
> Thanks
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list