libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Enforcement mode to paths

Browse source
This commit is contained in:
Pedro Igor 2016-11-21 10:03:33 -02:00
parent b1864d86ec
commit 2fdf5819a6
1 changed files with 14 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
topics/enforcer/keycloak-enforcement-filter.adoc
View file

@ -120,4 +120,17 @@ The name of the HTTP method.
+
**** *scopes*
+
An array of strings with the scopes associated with the method. When you associate scopes with a specific method, the client trying to access a protected resource (or path) must provide an RPT that grants permission to all scopes specified in the list. For example, if you define a method _POST_ with a scope _create_, the RPT must contain a permission granting access to the _create_ scope when performing a POST to the path.
An array of strings with the scopes associated with the method. When you associate scopes with a specific method, the client trying to access a protected resource (or path) must provide an RPT that grants permission to all scopes specified in the list. For example, if you define a method _POST_ with a scope _create_, the RPT must contain a permission granting access to the _create_ scope when performing a POST to the path.
+
**** *enforcement-mode*
+
Specifies how policies are enforced.
+
***** *ENFORCING*
+
(default mode) Requests are denied by default even when there is no policy associated with a given resource.
+
***** *DISABLED*
+
Disables the evaluation of policies for a path
+