[KEYCLOAK-10443] - Define a global decision strategy for resource servers
This commit is contained in:
Pedro Igor
parent
44d3c851fc
commit
d1b05ff0ce
1 changed files with 4 additions and 0 deletions
|
|
@ -62,6 +62,10 @@ Requests are allowed even when there is no policy associated with a given resour
|
|||
+
|
||||
Disables the evaluation of all policies and allows access to all resources.
|
||||
+
|
||||
* *Decision Strategy*
|
||||
+
|
||||
This configurations changes how the policy evaluation engine decides whether or not a resource or scope should be granted based on the outcome from all evaluated permissions. `Affirmative` means that at least one permission must evaluate to a positive decision in order grant access to a resource and its scopes. `Unanimous` means that all permissions must evaluate to a positive decision in order for the final decision to be also positive. As an example, if two permissions for a same resource or scope are in conflict (one of them is granting access and the other is denying access), the permission to the resource or scope will be granted if the choosen strategy is `Affirmative`. Otherwise, a single deny from any permission will also deny access to the resource or scope.
|
||||
+
|
||||
* *Remote Resource Management*
|
||||
+
|
||||
Specifies whether resources can be managed remotely by the resource server. If false, resources can be managed only from the administration console.
|
||||
Loading…
Reference in a new issue