[keycloak-user] Adding ACL security to Keycloak Server
Marek Posolda
mposolda at redhat.com
Fri Dec 6 10:32:05 EST 2019
Maybe you can use Keycloak authorization services to achieve this. There
is some support for the concept of "Owner", so that only user, who owns
some object can do something with that object.
I suggest to take a look at our quickstarts for the authorization [1],
the documentation [2]. Also some time ago, I did a demo for the
authorization services and it used Sprint & Sprint Security, so maybe
you can take a look as well for the inspiration [3]. There is
presentation of this available on Youtube as well.
[1] https://github.com/keycloak/keycloak-quickstarts (All quickstarts
starting with "app-authz"
[2] https://www.keycloak.org/docs/latest/authorization_services/index.html
[3] https://github.com/mposolda/devconf2019-authz/
Marek
On 03. 12. 19 16:47, Alfonso Vidal García wrote:
> Hello,
>
> I am wondering if I can implement ACL Security to my Spring Application, to delimit which objects can retrieve the users, depends on the user. Like the each user can retrieve only the objects that belong to him.
>
> Thanks in advance!
>
> P Please consider the environment before printing this e-mail.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list