EXTERNAL Weimer Benjamin (TNG, IOC/PAU1)
unread,Nov 17, 2021, 8:05:17 AM11/17/21Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to keycloak-dev (keycloak-dev@googlegroups.com), Matysiak Joerg (IOC/PAU1)
Hi,
in Wildfly it was possible to set a whitelist of ip-addresses that can access certain endpoints. This can be done via Undertow filter expressions, e.g. with a jboss cli command like this:
/subsystem=undertow/configuration=filter/expression-filter=metrics-access:add(expression="path(/metrics) -> ip-access-control(acl={'127.0.0.1 allow'},failure-status=403)")
Is it possible to configure something similar in Quarkus with Keycloak.X?
We already found out that there is a quarkus-undertow extension that can be used to set those Undertow filters. Currently Keycloak.X does not include this extension. Is there a plan to implement access control lists in Keycloak.X?
If not, would you accept a pull requests that includes the quarkus-undertow extension in Keycloak.X?
Mit freundlichen Grüßen / Best regards
Benjamin Weimer
Project Delivery Berlin 2 (IOC/PDL2)
Bosch.IO GmbH | Ziegelei 7 | 88090 Immenstaad | GERMANY |
www.bosch.io
Tel. +49 30 726112-0 |
external.Ben...@bosch-si.com<mailto:
external.Ben...@bosch-si.com>
Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Stefan Koss; Geschäftsführung: Dr. Stefan Ferber, Dr. Aleksandar Mitrovic, Yvonne Reckling