https://github.com/dteleguin/custom-admin-roles

KeyCloak Extensions: Securing Realm Resources With Custom Roles
https://github.com/dteleguin/custom-admin-roles

Last synced: about 1 month ago
JSON representation

KeyCloak Extensions: Securing Realm Resources With Custom Roles

• Host: GitHub
• URL: https://github.com/dteleguin/custom-admin-roles
• Owner: dteleguin
• Created: 2016-08-19T20:33:20.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2016-08-29T04:15:42.000Z (almost 8 years ago)
• Last Synced: 2024-02-10T10:11:29.640Z (5 months ago)
• Language: Java
• Homepage:
• Size: 21.5 KB
• Stars: 14
• Watchers: 2
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Lists

• awesome-keycloak - KeyCloak Extensions: Securing Realm Resources With Custom Roles

README

        
# KeyCloak Extensions: Securing Realm Resources With Custom Roles

This example demonstrates how to secure KeyCloak custom realm resources with custom admin roles (different from built-in roles like `admin`).

## Requirements

* KeyCloak 2.1.0

## Build

`mvn install`

## Installation

After the extension has been built, install it as a JBoss/WildFly module via `jboss-cli`:

```

[disconnected /] module add --name=hello --resources=/path/to/custom-admin-roles-1.0-SNAPSHOT.jar --dependencies=org.keycloak.keycloak-server-spi,org.keycloak.keycloak-services,org.keycloak.keycloak-core,javax.ws.rs.api

```

Alternatively, create `$KEYCLOAK_HOME/modules/hello/main/module.xml` to load extension from the local Maven repo:

```

    

        

    

    

        

        

        

        

    

```

## Configuration

`$KEYCLOAK_HOME/standalone/configuration/keycloak-server.json`:

```

{

    "providers": [

        "classpath:${jboss.home.dir}/providers/*",

        "module:hello"

    ],

...

    "theme": {

        "staticMaxAge": 2592000,

        "cacheTemplates": true,

        "cacheThemes": true,

        "folder": {

          "dir": "${jboss.home.dir}/themes"

        },

        "module": {

          "modules": [ "hello" ]

        },

        "default": "hello"

    },

...

```

## Running example

Run KeyCloak and log into the admin console. You should be able to access the "☺ Hello" menu item.

Check for `view-hello` and `manage-hello` roles in:

* `*-realm` clients of master realm;

* `realm-management` clients of regular realms.

The roles will be automatically added to both existing and newly-created realms.