how to ommit Authentication for default URLs in keyclock.
44 views
Skip to first unread message
Amitesh Kumar
Oct 3, 2022, 1:42:05 AM10/3/22
to Keycloak User
Hi,
<security-constraint>
<web-resource-collection>
<web-resource-name>Employees Resource</web-resource-name>
<url-pattern>/v1/employees/*</url-pattern>
</web-resource-collection>
<auth-constraint> //Authentication needed.
<role-name>employees_api_access</role-name>
</auth-constraint>
</security-constraint>
<security-constraint> //why below URLs needing authentication after key cock 18
<web-resource-collection>
<web-resource-name>swagger</web-resource-name>
<url-pattern>/v1/apiee/*</url-pattern>
<url-pattern>/webjars/*</url-pattern>
<url-pattern>/logonew.png</url-pattern>
</web-resource-collection>
</security-constraint>
<web-resource-collection>
<web-resource-name>Employees Resource</web-resource-name>
<url-pattern>/v1/employees/*</url-pattern>
</web-resource-collection>
<auth-constraint> //Authentication needed.
<role-name>employees_api_access</role-name>
</auth-constraint>
</security-constraint>
<security-constraint> //why below URLs needing authentication after key cock 18
<web-resource-collection>
<web-resource-name>swagger</web-resource-name>
<url-pattern>/v1/apiee/*</url-pattern>
<url-pattern>/webjars/*</url-pattern>
<url-pattern>/logonew.png</url-pattern>
</web-resource-collection>
</security-constraint>
Thanks
Amitesh Kumar
Amitesh Kumar
Oct 3, 2022, 10:10:03 PM10/3/22
to Keycloak User
In key clock version 3 we avoid writing “auth-constraint” for default URLs to skip authentication. But in key clock 18 it is not working. Can you please share the parameter or code by which we can avoid authentication for default URLs like info/homepage/dashboard?
This issue come only with those API having Authentication with different user and usage of resource, permission, and policies has been done.
Note:- We are using user based authentication usage of Resource, permission and policies has been done.
Reply all
Reply to author
Forward
0 new messages