[keycloak-user] Resource match bug?
Pedro Igor Craveiro e Silva
psilva at redhat.com
Thu Oct 20 09:29:58 EDT 2016
I think this is related with KEYCLOAK-3261 [1].
Can you try setting a context to your deployment instead of using ROOT
?
[1]https://issues.jboss.org/browse/KEYCLOAK-3261
On Thu, 2016-10-20 at 19:59 +0800, Joey wrote:
> Hi Guys,
>
>
> I found something is weird, not sure is it a bug?
>
> If I create a Resource like "/resources/images/bg.png", and visit
> this
> URL from tomcat.
> but I got 403 error. I turn on debug message for keyclock, and I saw
> this debug message.
>
>
>
> -------------------
> DEBUG: AuthenticatedActionsValve.invoke
> http://operation.iishang-intr.com:9111/resources/images/bg.png
>
> Oct 20, 2016 6:40:01 PM
> org.keycloak.adapters.authorization.PolicyEnforcer enforce
>
> DEBUG: Policy enforcement is enable. Enforcing policy decisions for
> path [http://operation.iishang-intr.com:9111/resources/images/bg.png]
> .
>
> Oct 20, 2016 6:40:01 PM
> org.keycloak.adapters.authorization.AbstractPolicyEnforcer authorize
>
> DEBUG: Checking permissions for path
> [http://operation.iishang-intr.com:9111/resources/images/bg.png] with
> config [null].
>
> Oct 20, 2016 6:40:01 PM
> org.keycloak.adapters.authorization.AbstractPolicyEnforcer authorize
>
> DEBUG: Could not find a configuration for path [/images/bg.png]
>
> -------------------
>
> then if I change "Resource" of client URL to "/images/bg.png", it
> works. and I tried "/resources/*", it doesn't work either.
> My Keycloak version is 2.2.0.
>
>
> Joey
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Pedro Igor
More information about the keycloak-user
mailing list