[keycloak-user] Restrict access to admin console by checking if header exists
Mark de Jng
mail at markdejong.org
Tue Feb 5 05:55:33 EST 2019
Hi,
I want to restrict the access to admin console by checking if the `CF-Connecting-IP` does not exist for a specific path.
I’ve checked this documentation: http://undertow.io/undertow-docs/undertow-docs-2.0.0/#predicates-attributes-and-handlers
And I’ve come this far, but undertow complains that my expression is not valid:
<expression-filtermodule="io.undertow.core" name="restrict-admin-console-access" expression="path-prefix(/auth/admin/console) and not exists(%{i, CF-Connecting-IP})" />
Any clue?
Thanks
Mark
More information about the keycloak-user
mailing list