Hello, I am using application.properties to configure the Keycloak adapter for KeycloakDeployment. I am implementing Keycloak scope base policy enforcement in my Spring boot application. For public urls, I wish to turn off policy enforcement.
If you have any advice on how I may configure public urls to be excluded from tests, please let me know.
Here is my application.properties config
keycloak.securityConstraints[0].securityCollections[0].name = user operation
keycloak.securityConstraints[0].authRoles[0] = Mobile-user
keycloak.securityConstraints[0].authRoles[1] = Customer-support
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /users
keycloak.securityConstraints[0].securityCollections[0].patterns[1] = /users/*
keycloak.securityConstraints[1].securityCollections[0].name = system operation
keycloak.securityConstraints[1].authRoles[0] = System-user
keycloak.securityConstraints[1].securityCollections[0].patterns[0] = /tenants
keycloak.securityConstraints[1].securityCollections[0].patterns[1] = /tenants/*
keycloak.securityConstraints[2].securityCollections[0].name = Default operation
keycloak.securityConstraints[2].authRoles[0] = *
keycloak.securityConstraints[2].securityCollections[0].patterns[0] = /users/signin
keycloak.policy-enforcer-config.paths[3].name=Default Resource
keycloak.policy-enforcer-config.paths[3].path=/users/signin
keycloak.policy-enforcer-config.paths[0].name=Tenant Resource
keycloak.policy-enforcer-config.paths[0].path=/tenants/*
keycloak.policy-enforcer-config.paths[0].methods[0].method=GET
keycloak.policy-enforcer-config.paths[0].methods[0].scopes[0]=GET
keycloak.policy-enforcer-config.paths[0].methods[1].method=PUT
keycloak.policy-enforcer-config.paths[0].methods[1].scopes[0]=PUT
keycloak.policy-enforcer-config.paths[0].methods[2].method=DELETE
keycloak.policy-enforcer-config.paths[0].methods[2].scopes[0]=DELETE
keycloak.policy-enforcer-config.paths[1].name=Add User Resource
keycloak.policy-enforcer-config.paths[1].path=/users
keycloak.policy-enforcer-config.paths[1].methods[0].method=POST
keycloak.policy-enforcer-config.paths[1].methods[0].scopes[0]=POST
keycloak.policy-enforcer-config.paths[1].methods[1].method=GET
keycloak.policy-enforcer-config.paths[1].methods[1].scopes[0]=GET
keycloak.policy-enforcer-config.paths[2].name=Mobile User Resource
keycloak.policy-enforcer-config.paths[2].path=/users/*
keycloak.policy-enforcer-config.paths[2].methods[0].method=GET
keycloak.policy-enforcer-config.paths[2].methods[0].scopes[0]=GET
keycloak.policy-enforcer-config.paths[2].methods[1].method=PUT
keycloak.policy-enforcer-config.paths[2].methods[1].scopes[0]=PUT
keycloak.policy-enforcer-config.paths[2].methods[2].method=DELETE
keycloak.policy-enforcer-config.paths[2].methods[2].scopes[0]=DELETE
keycloak.policy-enforcer-config.enforcement-mode=PERMISSIVE
keycloak.policy-enforcer-config.lazy-load-paths=true
keycloak.use-resource-role-mappings=true
Please suggest if i am missing something.