[keycloak-user] Resource match bug?

Pedro Igor Craveiro e Silva psilva at redhat.com
Thu Oct 20 09:29:58 EDT 2016


I think this is related with KEYCLOAK-3261 [1].

Can you try setting a context to your deployment instead of using ROOT
? 

[1]https://issues.jboss.org/browse/KEYCLOAK-3261

On Thu, 2016-10-20 at 19:59 +0800, Joey wrote:
> Hi Guys,
> 
> 
> I found something is weird, not sure is it a bug?
> 
> If I create a Resource like "/resources/images/bg.png", and visit
> this
> URL from tomcat.
> but I got 403 error. I turn on debug message for keyclock, and I saw
> this debug message.
> 
> 
> 
> -------------------
> DEBUG: AuthenticatedActionsValve.invoke
> http://operation.iishang-intr.com:9111/resources/images/bg.png
> 
> Oct 20, 2016 6:40:01 PM
> org.keycloak.adapters.authorization.PolicyEnforcer enforce
> 
> DEBUG: Policy enforcement is enable. Enforcing policy decisions for
> path [http://operation.iishang-intr.com:9111/resources/images/bg.png]
> .
> 
> Oct 20, 2016 6:40:01 PM
> org.keycloak.adapters.authorization.AbstractPolicyEnforcer authorize
> 
> DEBUG: Checking permissions for path
> [http://operation.iishang-intr.com:9111/resources/images/bg.png] with
> config [null].
> 
> Oct 20, 2016 6:40:01 PM
> org.keycloak.adapters.authorization.AbstractPolicyEnforcer authorize
> 
> DEBUG: Could not find a configuration for path [/images/bg.png]
> 
> -------------------
> 
> then if I change "Resource" of client URL to "/images/bg.png", it
> works.  and I tried "/resources/*",  it doesn't work either.
> My Keycloak version is 2.2.0.
> 
> 
> Joey
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-- 
Pedro Igor


More information about the keycloak-user mailing list