[prev in list] [next in list] [prev in thread] [next in thread] 

List:       keycloak-user
Subject:    [keycloak-user] Client specific enumerated roles
From:       rkgunnam120 () gmail ! com (Ravi Kiran)
Date:       2018-02-05 21:04:13
Message-ID: CABK9Lpk0-Cj6sYikRgtSZB=_UFn0HsXA9NGXa=ozG4TVwa5jQQ () mail ! gmail ! com
[Download RAW message or body]

Currently in our application we use LDAP and each LDAP role is mapped to
multiple CRUD permissions roles with in the application. For example
HUMAN_RESOURCE_DIRECTOR
role in LDAP is mapped to CREATE_Employee, Update_Employee, Read_Department
and etc. We are adding these enumerated roles by extending
LdapExtLoginModule.

Now we are planning to switch to Keycloak (rh-sso), what is the best
approach to achieve this?

According to the issue, https://issues.jboss.org/browse/KEYCLOAK-1382,
looks like extending LoginModule is not an option.

Thank you and appreciate it.

[prev in list] [next in list] [prev in thread] [next in thread]