Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dteleguin/custom-admin-roles
KeyCloak Extensions: Securing Realm Resources With Custom Roles
https://github.com/dteleguin/custom-admin-roles
Last synced: about 1 month ago
JSON representation
KeyCloak Extensions: Securing Realm Resources With Custom Roles
- Host: GitHub
- URL: https://github.com/dteleguin/custom-admin-roles
- Owner: dteleguin
- Created: 2016-08-19T20:33:20.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2016-08-29T04:15:42.000Z (almost 8 years ago)
- Last Synced: 2024-02-10T10:11:29.640Z (5 months ago)
- Language: Java
- Homepage:
- Size: 21.5 KB
- Stars: 14
- Watchers: 2
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Lists
- awesome-keycloak - KeyCloak Extensions: Securing Realm Resources With Custom Roles
README
# KeyCloak Extensions: Securing Realm Resources With Custom Roles
This example demonstrates how to secure KeyCloak custom realm resources with custom admin roles (different from built-in roles like `admin`).
## Requirements
* KeyCloak 2.1.0
## Build
`mvn install`
## Installation
After the extension has been built, install it as a JBoss/WildFly module via `jboss-cli`:
```
[disconnected /] module add --name=hello --resources=/path/to/custom-admin-roles-1.0-SNAPSHOT.jar --dependencies=org.keycloak.keycloak-server-spi,org.keycloak.keycloak-services,org.keycloak.keycloak-core,javax.ws.rs.api
```Alternatively, create `$KEYCLOAK_HOME/modules/hello/main/module.xml` to load extension from the local Maven repo:
```
```
## Configuration
`$KEYCLOAK_HOME/standalone/configuration/keycloak-server.json`:
```
{
"providers": [
"classpath:${jboss.home.dir}/providers/*",
"module:hello"
],
...
"theme": {
"staticMaxAge": 2592000,
"cacheTemplates": true,
"cacheThemes": true,
"folder": {
"dir": "${jboss.home.dir}/themes"
},
"module": {
"modules": [ "hello" ]
},
"default": "hello"
},
...
```## Running example
Run KeyCloak and log into the admin console. You should be able to access the "☺ Hello" menu item.
Check for `view-hello` and `manage-hello` roles in:
* `*-realm` clients of master realm;
* `realm-management` clients of regular realms.The roles will be automatically added to both existing and newly-created realms.