<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Juan,<br>
    I'm not sure that your environment is like mine but I have something
    like:<br>
    <br>
    <br>
    @Path("/user")<br>
    @Stateless<br>
    public class UserService {<br>
    <br>
    ...<br>
    <br>
     @Path("/getUserInformation")<br>
     @Produces({ MediaType.APPLICATION_JSON })<br>
     @GET<br>
     @HttpConstraint(rolesAllowed = {"companyAdmin"})<br>
     public Response getUserInformation(@Context HttpServletRequest
    request) {<br>
     }<br>
    }<br>
    <br>
    This means that someone had to have already logged in elsewhere and
    be in the companyAdmin role before they will have the ability to
    call the getUserInformation method. If they are not logged in or
    are not in that roll they will get a forbidden message. Any methods
    that do not have the HttpConstraint annotation are not protected.<br>
    <br>
    Is this what you're looking for?<br>
    <br>
    <br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 06/19/2015 12:32 PM, Juan Diego
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAJGEj6ch6wDz64TnxE1U3CiCDX86k0e5b3=vwG+1cZJqKcz-iw@mail.gmail.com"
      type="cite">
      <div dir="ltr">How can I secure a method for a role, if a rest
        service has multiple methods.<br>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Fri, Jun 19, 2015 at 2:49 AM, Stian
          Thorgersen <span dir="ltr">&lt;<a moz-do-not-send="true"
              href="mailto:stian@redhat.com" target="_blank">stian@redhat.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">Keycloak
            is based on roles and we don't have support for groups. By
            using composite roles you can model groups as a role though.<br>
            <div>
              <div class="h5"><br>
                ----- Original Message -----<br>
                &gt; From: "Juan Diego" &lt;<a moz-do-not-send="true"
                  href="mailto:juandiego83@gmail.com">juandiego83@gmail.com</a>&gt;<br>
                &gt; To: "keycloak-user" &lt;<a moz-do-not-send="true"
                  href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>&gt;<br>
                &gt; Sent: Thursday, 18 June, 2015 8:35:08 PM<br>
                &gt; Subject: [keycloak-user] Securing backend rest
                methods<br>
                &gt;<br>
                &gt; Hi,<br>
                &gt;<br>
                &gt; I was looking in the examples but I cannot find the
                right one. Is there an<br>
                &gt; example that shows how to secure just a method of a
                rest for a certain<br>
                &gt; group, allow all groups to the rest method. Like in
                picketlinks you could<br>
                &gt; create your own @Admin @Mygroup annotation and add
                it to a function.<br>
                &gt;<br>
                &gt; Thanks,<br>
                &gt;<br>
                &gt; Juan diego<br>
                &gt;<br>
              </div>
            </div>
            &gt; _______________________________________________<br>
            &gt; keycloak-user mailing list<br>
            &gt; <a moz-do-not-send="true"
              href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
            &gt; <a moz-do-not-send="true"
              href="https://lists.jboss.org/mailman/listinfo/keycloak-user"
              rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
    <div class="moz-signature">-- <br>
      <span style="font-weight: bold">Scott Dunbar</span><br>
      <span>Xigole Systems, Inc.</span><br>
      <span>Enterprise consulting, development, and hosting</span><br>
      <span>3036676343</span><br>
    </div>
  </body>
</html>