[keycloak-user] Gatekeeper container automatically adds /* uri resource?
Nick Powers
sshscp at gmail.com
Tue Jul 16 19:55:57 EDT 2019
Hello,
Below is a snip from my Gatekeeper configuration, related to resources. I
only have /protected/* listed as a uri resource but loading the index at /
still initiates a login. I see from the logs (see below) that both
/protected/* and /* are being protected. How do I make it so only
/protected/* is a protected resource and the main /* of my site doesn't
require authentication?
I was able to HACK (see below) it so that /* was only authenticated for a
single method (DELETE) by defining /* as a uri resource with just DELETE
listed under methods: but I would rather have a solution that works for all
methods. Is anyone aware of a way to tell gatekeeper not to authenticate
for /* and only do so for /protected/*?
Thanks in advance! :) - Nick
SNIP from my gatekeeper configuration:
resources:
- uri: /protected/*
LOGS showing both /protected:
gatekeeper | {"level":"info","ts":1563319972.1478412,"msg":"protecting
resource","resource":"uri: /protected/*, methods:
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
only"}
gatekeeper | {"level":"info","ts":1563319972.1482553,"msg":"protecting
resource","resource":"uri: /*, methods:
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
only"}
My HACK config:
resources:
- uri: /protected/*
- uri: /*
methods:
- DELETE
More information about the keycloak-user
mailing list