From 2fdf5819a6154ce439608eab117dd5637bef9701 Mon Sep 17 00:00:00 2001
From: Pedro Igor <pigor.craveiro@gmail.com>
Date: Mon, 21 Nov 2016 10:03:33 -0200
Subject: [PATCH] Enforcement mode to paths

---
 topics/enforcer/keycloak-enforcement-filter.adoc | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/topics/enforcer/keycloak-enforcement-filter.adoc b/topics/enforcer/keycloak-enforcement-filter.adoc
index d1ce843b73..e7f018e4b9 100755
--- a/topics/enforcer/keycloak-enforcement-filter.adoc
+++ b/topics/enforcer/keycloak-enforcement-filter.adoc
@@ -120,4 +120,17 @@ The name of the HTTP method.
 +
 **** *scopes*
 +
-An array of strings with the scopes associated with the method. When you associate scopes with a specific method, the client trying to access a protected resource (or path) must provide an RPT that grants permission to all scopes specified in the list. For example, if you define a method _POST_ with a scope _create_, the RPT must contain a permission granting access to the _create_ scope when performing a POST to the path.
\ No newline at end of file
+An array of strings with the scopes associated with the method. When you associate scopes with a specific method, the client trying to access a protected resource (or path) must provide an RPT that grants permission to all scopes specified in the list. For example, if you define a method _POST_ with a scope _create_, the RPT must contain a permission granting access to the _create_ scope when performing a POST to the path.
++
+**** *enforcement-mode*
++
+Specifies how policies are enforced.
++
+***** *ENFORCING*
++
+(default mode) Requests are denied by default even when there is no policy associated with a given resource.
++
+***** *DISABLED*
++
+Disables the evaluation of policies for a path
++
\ No newline at end of file