libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-15906

Browse source
This commit is contained in:
R Kaja Mohideen 2021-02-28 20:48:46 +05:30 committed by Hynek Mlnařík
parent e18ea48b26
commit cdc50fb328
2 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
authorization_services/topics/service-authorization-obtaining-permission.adoc
View file

@ -23,8 +23,8 @@ permissions for the resource(s) and scope(s) being requested. This parameter all
* **claim_token_format** * **claim_token_format**
+ +
This parameter is *optional*. A string indicating the format of the token specified in the `claim_token` parameter. {project_name} supports two token This parameter is *optional*. A string indicating the format of the token specified in the `claim_token` parameter. {project_name} supports two token
formats: `urn:ietf:params:oauth:token-type:jwt` and `http://openid.net/specs/openid-connect-core-1_0.html#IDToken`. The `urn:ietf:params:oauth:token-type:jwt` format formats: `urn:ietf:params:oauth:token-type:jwt` and `https://openid.net/specs/openid-connect-core-1_0.html#IDToken`. The `urn:ietf:params:oauth:token-type:jwt` format
indicates that the `claim_token` parameter references an access token. The `http://openid.net/specs/openid-connect-core-1_0.html#IDToken` indicates that the indicates that the `claim_token` parameter references an access token. The `https://openid.net/specs/openid-connect-core-1_0.html#IDToken` indicates that the
`claim_token` parameter references an OpenID Connect ID Token. `claim_token` parameter references an OpenID Connect ID Token.
+ +
* **rpt** * **rpt**

3
securing_apps/topics/oidc/java/spring-security-adapter.adoc
View file

@ -138,6 +138,8 @@ While Spring Security's XML namespace simplifies configuration, customizing the
<bean id="keycloakAuthenticationProcessingFilter" class="org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter"> <bean id="keycloakAuthenticationProcessingFilter" class="org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter">
<constructor-arg name="authenticationManager" ref="authenticationManager" /> <constructor-arg name="authenticationManager" ref="authenticationManager" />
</bean> </bean>
<bean id="keycloakSecurityContextRequestFilter"
class="org.keycloak.adapters.springsecurity.filter.KeycloakSecurityContextRequestFilter" />
<bean id="keycloakLogoutHandler" class="org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler"> <bean id="keycloakLogoutHandler" class="org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler">
<constructor-arg ref="adapterDeploymentContext" /> <constructor-arg ref="adapterDeploymentContext" />
@ -162,6 +164,7 @@ While Spring Security's XML namespace simplifies configuration, customizing the
<security:http auto-config="false" entry-point-ref="keycloakAuthenticationEntryPoint"> <security:http auto-config="false" entry-point-ref="keycloakAuthenticationEntryPoint">
<security:custom-filter ref="keycloakPreAuthActionsFilter" before="LOGOUT_FILTER" /> <security:custom-filter ref="keycloakPreAuthActionsFilter" before="LOGOUT_FILTER" />
<security:custom-filter ref="keycloakAuthenticationProcessingFilter" before="FORM_LOGIN_FILTER" /> <security:custom-filter ref="keycloakAuthenticationProcessingFilter" before="FORM_LOGIN_FILTER" />
<security:custom-filter ref="keycloakSecurityContextRequestFilter" after="FORM_LOGIN_FILTER" />
<security:intercept-url pattern="/customers**" access="ROLE_USER" /> <security:intercept-url pattern="/customers**" access="ROLE_USER" />
<security:intercept-url pattern="/admin**" access="ROLE_ADMIN" /> <security:intercept-url pattern="/admin**" access="ROLE_ADMIN" />
<security:custom-filter ref="logoutFilter" position="LOGOUT_FILTER" /> <security:custom-filter ref="logoutFilter" position="LOGOUT_FILTER" />