commit
1c4b8383f0
1 changed files with 12 additions and 2 deletions
|
@ -39,13 +39,23 @@ public interface Evaluation {
|
|||
void deny();
|
||||
}
|
||||
```
|
||||
[NOTE]
|
||||
For more information about the Evaluation API see the http://www.keycloak.org/docs/javadocs/index.html[JavaDocs].
|
||||
|
||||
When processing an authorization request, {{book.project.name}} creates an `Evaluation` instance before evaluating any policy. This instance is then passed to each policy to determine whether access is *GRANT* or *DENY*.
|
||||
|
||||
Policies determine this by invoking the `grant()` or `deny()` methods on an `Evaluation` instance. By default, the state of the `Evaluation` instance is denied, which means that your policies must explicitly invoke the `grant()` method to indicate to the policy evaluation engine that permission should be granted.
|
||||
|
||||
{% if book.community %}
|
||||
|
||||
For more information about the Evaluation API see the http://www.keycloak.org/docs/javadocs/index.html[JavaDocs].
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% if book.product %}
|
||||
|
||||
For more information about the Evaluation API see the https://access.redhat.com/webassets/avalon/d/red-hat-single-sign-on/version-7.1/javadocs/[JavaDocs].
|
||||
|
||||
{% endif %}
|
||||
|
||||
==== The Evaluation Context
|
||||
|
||||
The evaluation context provides useful information to policies during their evaluation.
|
||||
|
|
Loading…
Reference in a new issue