[keycloak-user] Resource match bug?
Joey
huazonglin at gmail.com
Thu Oct 20 07:59:51 EDT 2016
Hi Guys,
I found something is weird, not sure is it a bug?
If I create a Resource like "/resources/images/bg.png", and visit this
URL from tomcat.
but I got 403 error. I turn on debug message for keyclock, and I saw
this debug message.
-------------------
DEBUG: AuthenticatedActionsValve.invoke
http://operation.iishang-intr.com:9111/resources/images/bg.png
Oct 20, 2016 6:40:01 PM
org.keycloak.adapters.authorization.PolicyEnforcer enforce
DEBUG: Policy enforcement is enable. Enforcing policy decisions for
path [http://operation.iishang-intr.com:9111/resources/images/bg.png].
Oct 20, 2016 6:40:01 PM
org.keycloak.adapters.authorization.AbstractPolicyEnforcer authorize
DEBUG: Checking permissions for path
[http://operation.iishang-intr.com:9111/resources/images/bg.png] with
config [null].
Oct 20, 2016 6:40:01 PM
org.keycloak.adapters.authorization.AbstractPolicyEnforcer authorize
DEBUG: Could not find a configuration for path [/images/bg.png]
-------------------
then if I change "Resource" of client URL to "/images/bg.png", it
works. and I tried "/resources/*", it doesn't work either.
My Keycloak version is 2.2.0.
Joey
More information about the keycloak-user
mailing list