I've integrated the service with the resource-level management functionality of Keycloak. So the code changes are not that many. I mainly renamed all html pages to with a "*.html" pattern to be more easily grouped. Other than that, the code changes are minimal, mainly for display errors.
I've added to Keycloak configuration json files for setting up the client service and the authorization sections:
service-registry.json
service-registryauthorization.json
Finally, I've updated the README with some useful info on how to set things up.
So now we can basically control access to each individual endpoint, through keycloak without any code changes. Also I've set the roles we specified as composite roles based on the individual endpoint resources. As we don't expect the endpoint to change frequently it seemed like a good approach to me... let me know what you think!
I've integrated the service with the resource-level management functionality of Keycloak. So the code changes are not that many. I mainly renamed all html pages to with a "*.html" pattern to be more easily grouped. Other than that, the code changes are minimal, mainly for display errors.
I've added to Keycloak configuration json files for setting up the client service and the authorization sections:
Finally, I've updated the README with some useful info on how to set things up.
So now we can basically control access to each individual endpoint, through keycloak without any code changes. Also I've set the roles we specified as composite roles based on the individual endpoint resources. As we don't expect the endpoint to change frequently it seemed like a good approach to me... let me know what you think!