[keycloak-user] Securing GET/POST/DELETE in different way
Karol Buler
K.Buler at adbglobal.com
Tue Oct 24 03:45:13 EDT 2017
Hi Bettina,
thank you for response, but this is not exactly what I want. With
enforcement filter we can define which methods (paths) should be
protected, but not which ROLE has access to the resources.
I realized this with API Gateway based on Zuul.
Regards,
Karol
On 24.10.2017 08:09, Hübner, Bettina wrote:
> Hi Karol,
>
> Perhaps this might help you:
> http://www.keycloak.org/docs/latest/authorization_services/topics/enforcer/keycloak-enforcement-filter.html
>
> Regards,
> Bettina
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] Im Auftrag von Karol Buler
> Gesendet: Montag, 23. Oktober 2017 10:45
> An: keycloak-user at lists.jboss.org
> Betreff: [keycloak-user] Securing GET/POST/DELETE in different way
>
> Hi all,
>
> is there any possibility to secure GET/POST/DELETE etc. methods in a
> different way?
>
> e.g.
>
> endpoint: /users
>
> GET: for Keycloak's role 'user'
>
> POST: for Keycloak's role 'users_admin'
>
> and so on. Result is that user with 'user' cannot create another user in
> our system.
>
> Regards,
> Karol
>
> [https://www.adbglobal.com/wp-content/uploads/adb.png]
> adbglobal.com<https://www.adbglobal.com>
> [https://www.adbglobal.com/wp-content/uploads/linkedin_logo.png]<https://www.linkedin.com/company/adb/> [https://www.adbglobal.com/wp-content/uploads/twitter_logo.png] <https://twitter.com/adb_global> [https://www.adbglobal.com/wp-content/uploads/pinterest_logo.png] <https://pinterest.com/adbglobal/pins/>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list