[keycloak-user] method level role based authorization
java_os
java at neposoft.com
Wed Oct 19 07:35:20 EDT 2016
Thanks Stian, this is one approach which ties into jboss.
Would it be possible to , once authenticated by keycloak , propagate the
authentication into a spring security context and have spring handle the
role based authorization?
I am not suggesting using spring-security keycloak's adapter, but use
spring security framework do the authorization behind the scenes.
Anyone has done this crazy setup - anyone has a pointer into this?
Thanks
> You can do this with the regular EAP7 adapter, but you need to make sure
> the security context is propagated correctly. Check the
> https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/jboss-adapter.html
> it describes how to do it. Search that page for KeycloakLoginModule to
> quickly find it.
>
> On 19 October 2016 at 02:55, java_os <java at neposoft.com> wrote:
>
>> Question to the group,
>> I want to do method level role based authorization (aka @RolesAllowed)
>> with the constraint that i cannot use sprig security(broken in jboss
>> eap7).
>> Anyone has done this ? I want to do it by annotations at method level,
>> instead of cluttring the code checking the role and send 403 if role not
>> allowed,ugly.
>> Thanks
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
More information about the keycloak-user
mailing list