Setting Up Policy-Enforcer in Keycloak

Securing applications
1

I am new to keycloak and i am going through with the quickstart at the Link:
https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-authz-rest-employee

Purpose:

  • The project merely expose one Rest-API:

@RestController
public class ApplicationController {

@RequestMapping(value = "/api/{employee}", method = RequestMethod.GET)
public Employee salary(@PathVariable String employee) {
    return new Employee(employee);
}

public static class Employee {

    private final String name;

    public Employee(String name) {
        this.name = name;
    }

    public String getName() {
        return name;
    }
}

}

  • application.properties:

server.connection-timeout=5000
server.port = 8080
keycloak.realm=spring-boot-quickstart
keycloak.auth-server-url=http://localhost:8180/auth
keycloak.ssl-required=external
keycloak.resource=app-authz-rest-employee
keycloak.bearer-only=true
keycloak.credentials.secret=234d66af-58c7-4105-83cb-ea92c559a21f
keycloak.securityConstraints[0].authRoles[0]=user
keycloak.securityConstraints[0].securityCollections[0].name=protected
keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/*
keycloak.policy-enforcer-config.enforcement-mode=ENFORCING
keycloak.policy-enforcer-config.claimInformationPointConfig.claims[http.uri]={request.relativePath}

Turn off the logs

logging.level.root=OFF
logging.level.org.springframework.boot=OFF
spring.main.banner-mode=OFF