stackoom
  简体   繁体   中英

Keycloak authenticate users with no role

 原文  2018-12-15 17:44:30       authentication/ tomcat/ keycloak

Question

I would like to be able to authenticate requests where the user has no role assigned.

I'm using keycloak core and tomcat adapter to authenticate. Keycloak constraints are specified in the web.xml like: 

  <security-role>
    <role-name>L1</role-name>
</security-role>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>applicant-login-required</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>L1</role-name>
    </auth-constraint>
</security-constraint>

I have tried a number of things like removing auth-constraint and security-role or changing to

<auth-constraint>
  <role-name>*</role-name>
</auth-constraint>

but this is not authenticating anyone any more

1 answers

solution1
 0 ACCPTED  2020-01-28 08:53:01

Although I could not find documentation to confirm this, I think it's impossible to authenticate users with no role. All users should be assigned a role.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to authenticate users by their role declarative? Keycloak: Authenticate user with a custom JWT Programmatically authenticate user with Keycloak in java keycloak admin cli unable to authenticate If possible, How to authenticate thin server SPA users through backend REST where nginx role limited to serve static content and proxy Backend REST? How to authenticate user according to their role? Authenticate users with LDAP server Authenticate users when login How to authenticate users? Is this a secure way to authenticate users?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM