libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Add gatekeeper documentation on how to use a forwarding proxy server

Browse source
This commit is contained in:
Sylvain Chen 2018-12-17 13:11:11 +01:00 committed by Matthew Helmke
parent e00695bbf7
commit 4d9a2b200f
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
securing_apps/topics/oidc/keycloak-gatekeeper.adoc
View file

@ -146,6 +146,13 @@ bin/{generic_adapter_name} \
By default the roles defined on a resource perform a logical `AND` so all roles specified must be present in the claims, this behavior can be altered by the `require-any-role` option, however, so as long as one role is present the permission is granted.
==== OpenID Provider Communication
By default the communication with the OpenID provider is direct. If you wish, you can specify a forwarding proxy server in your configuration file:
[source,yaml]
----
openid-provider-proxy: http://proxy.example.com:8080
----
==== HTTP routing
By default all requests will be proxyed on to the upstream, if you wish to ensure all requests are authentication you can use this: