Keycloak Spring Boot configuration for client roles
Problem description:
I have a Spring Boot REST API configured with Keycloak.
keycloak.realm = demo
keycloak.realmKey = yfdsfdiufuydhf
keycloak.auth-server-url = http://localhost:8080/auth
keycloak.ssl-required = external
keycloak.resource = lib-backend
keycloak.bearer-only = true
keycloak.credentials.secret = a9fa2e60-324b-4508-b33d-84be2a981da3
# Keycloak Enable CORS
keycloak.cors = true
keycloak.securityConstraints[0].securityCollections[0].name = spring secured api
keycloak.securityConstraints[0].securityCollections[0].authRoles[0] = lib_sadmin
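The above code returns the API to the client without any problem. However, when I remove the realm role and enable the client role, it gives a 403 Forbidden error.
Answer
If you want to work with client roles, you should add this to your configuration: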
keycloak.use-resource-role-mappings=true
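
Why the setting changes the outcome, as an added example (not part of the original question or answer, and not the adapter's own code): a simplified model of which token claim the role check reads. The token payload, the user name and the function names are constructed for illustration; `realm_access` and `resource_access` are the claims Keycloak places in access tokens.

```python
# Simplified model of how the role set checked against authRoles is chosen.
# Added illustration; function names are hypothetical.

# Constructed, already-decoded access-token payload: the user holds
# lib_sadmin only as a client role of lib-backend, not as a realm role.
SAMPLE_CLAIMS = {
    "preferred_username": "alice",
    "realm_access": {"roles": ["offline_access"]},
    "resource_access": {
        "lib-backend": {"roles": ["lib_sadmin"]},
        "account": {"roles": ["view-profile"]},
    },
}


def effective_roles(claims, resource, use_resource_role_mappings):
    """Return the roles the security constraint is evaluated against."""
    if use_resource_role_mappings:
        # Client roles, and only those of the client named in keycloak.resource.
        access = claims.get("resource_access", {}).get(resource, {})
    else:
        # Default behaviour: realm-level roles.
        access = claims.get("realm_access", {})
    return set(access.get("roles", []))


def http_status(claims, resource, auth_roles, use_resource_role_mappings):
    """200 if any required role is present, otherwise 403."""
    roles = effective_roles(claims, resource, use_resource_role_mappings)
    return 200 if roles & set(auth_roles) else 403


if __name__ == "__main__":
    for flag in (False, True):
        status = http_status(SAMPLE_CLAIMS, "lib-backend", ["lib_sadmin"], flag)
        print(f"use-resource-role-mappings={str(flag).lower()} -> {status}")
```

With the setting enabled, realm roles are no longer consulted, so any `authRoles` entry must exist as a client role on the client named in `keycloak.resource`.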