Hello everyone,
I’ve known Keycloak for a few days; it’s a very interesting tool. I am currently encountering a difficulty, perhaps due to my lack of experience. I am developing a Java Spring Boot application and I would like to define permissions based on user roles. I have created a realm, users, defined roles, created resources and permissions based on these roles. I have also used the permissions assessment tool to check the different permissions of different users.
Everything works fine when I define static routes in my KeycloakWebSecurityConfigureAdapt class, but I wish I could do something like this:
```java
@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry expressionInterceptUrlRegistry = http.cors() //
            .and()
            .csrf().disable()
            .anonymous().disable()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeRequests();
    // getRoles(...) and getAllowedRessourcesList(...) are the functions asked about below
    for (String role : getRoles(KeycloakClientOrKeycloakRealm)) {
        for (String ressource : getAllowedRessourcesList(role)) {
            // One matcher per (resource, role) pair
            expressionInterceptUrlRegistry = expressionInterceptUrlRegistry.antMatchers(ressource).hasRole(role);
        }
    }
    expressionInterceptUrlRegistry.anyRequest().authenticated();
}
```
Any advice for the `getRoles(KeycloakClientOrKeycloakRealm)` and `getAllowedRessourcesList(role)` functions? Thank you so much for taking the time to read.
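
An added example (not part of the original post) on one pitfall of the loop above: Spring Security applies the first `antMatchers` rule that matches a request, so registering the same or an overlapping pattern once per role leaves only the earliest rule in effect. The code below inverts a role-to-patterns map into one `hasAnyRole` rule per pattern, most specific pattern first. The class name, the specificity heuristic and the sample data are assumptions, and how the map is loaded from Keycloak is left open.

```java
import java.util.*;

// Added example, not from the original post. Role and pattern data is constructed.
public class RoleRuleBuilder {

    /** Inverts role -> patterns into pattern -> roles so each pattern is registered once. */
    static LinkedHashMap<String, Set<String>> rolesByPattern(Map<String, List<String>> patternsByRole) {
        Map<String, Set<String>> inverted = new HashMap<>();
        patternsByRole.forEach((role, patterns) -> {
            for (String pattern : patterns) {
                inverted.computeIfAbsent(pattern, k -> new TreeSet<>()).add(role);
            }
        });
        // Most specific pattern first, because the first matching rule decides.
        List<String> ordered = new ArrayList<>(inverted.keySet());
        ordered.sort((a, b) -> {
            int bySpecificity = Integer.compare(specificity(b), specificity(a));
            return bySpecificity != 0 ? bySpecificity : a.compareTo(b);
        });
        LinkedHashMap<String, Set<String>> result = new LinkedHashMap<>();
        for (String pattern : ordered) {
            result.put(pattern, inverted.get(pattern));
        }
        return result;
    }

    /** Heuristic (assumption): literal segments outrank "*", which outranks "**". */
    static int specificity(String pattern) {
        int score = 0;
        for (String segment : pattern.split("/")) {
            if (segment.isEmpty()) continue;
            if (segment.equals("**")) score += 0;
            else if (segment.contains("*")) score += 1;
            else score += 2;
        }
        return score;
    }

    public static void main(String[] args) {
        Map<String, List<String>> patternsByRole = new LinkedHashMap<>();
        patternsByRole.put("user", List.of("/api/**"));
        patternsByRole.put("admin", List.of("/api/**", "/api/admin/**"));
        rolesByPattern(patternsByRole).forEach((pattern, roles) ->
            // In configure(): registry.antMatchers(pattern).hasAnyRole(roles.toArray(new String[0]));
            System.out.println(pattern + " -> hasAnyRole" + roles));
    }
}
```

With the constructed data, registering rules role by role would put `/api/**` for `user` first, which then also decides requests to `/api/admin/**` and rejects `admin` on `/api/**`.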