[keycloak-user] Policy Enforcement Mode cannot be changed.
Joey
huazonglin at gmail.com
Wed Oct 26 07:40:34 EDT 2016
Hi Guys,
I read from documents, and my understanding is if set Policy
Enforcement Mode to disable, then any users can access all resources.
but I tried to set it to disable. but nothing be changed.
For example,
I have a role call Role_A , and set a user Tom as this Role_A, if I
set a resource access policy without Role_A. this user Tom cannot
access this resource. And I can see some log in tomcat.
Oct 26, 2016 7:37:33 PM
org.keycloak.adapters.authorization.PolicyEnforcer enforce
DEBUG: Policy enforcement is enable. Enforcing policy decisions for
path [http://operation.iishang-intr.com:9111/op/jsp/base/loginStatistics/portalLoginStatistics.jsp].
Oct 26, 2016 7:37:33 PM
org.keycloak.adapters.authorization.PolicyEnforcer enforce
DEBUG: Policy enforcement result for path
[http://operation.iishang-intr.com:9111/op/jsp/base/loginStatistics/portalLoginStatistics.jsp]
is : GRANTED
Oct 26, 2016 7:37:33 PM
org.keycloak.adapters.authorization.PolicyEnforcer enforce
DEBUG: Returning authorization context with permissions:
Joey
More information about the keycloak-user
mailing list