In the oauth2 skeleton key example their was just one role ("user")
specified for the database-services REST services. Is it easy to protect
some services with one role (say using the role "customer" for the
CustomerService) and another required role for other services (say using
the role "product
In the oauth2 skeleton key example their was just one role ("user")
specified for the database-services REST services. Is it easy to protect
some services with one role (say using the role "customer" for the
CustomerService) and another required role for other services (say using
the role "product
requirements we come up against.
Thanks Bill!
*Doug Schnelzer*
*Technical Director, **Vizuri*
*571-969-3793*
On Mon, Apr 15, 2013 at 2:36 PM, Doug Schnelzer wrote:
> In the oauth2 skeleton key example their was just one role ("user")
> specified for the database-services REST
Thanks. As a follow up, I'd like to request a bearer token but limit the
Roles identified in the bearer token. I'm looking
at org.jboss.resteasy.example.oauth.ProductDatabaseClient. Would it be
right to look that the Access Token Scope to try and accomplish this. What
I'm trying to do is have a
> AS8 so that you can do more complex role mappings and OAuth2 scopes .
> Right now you're limited to what the documentation specifies. Please
> get back to me. I want to know if what we have is good enough for now,
> or if it is unusable.
>
> On 4/16/2013 9:17 AM, Doug
We're planning to move to Skeleton Key for SSO support for a bunch of web
apps hosted on JBoss EAP 6. We'd like to come up with an approach that
allows protected web apps to include a username and password field on an
unprotected page from the protected web app (this page would be
unprotected) and
o
far? Again the basic goal is to allow existing apps with their own
existing existing login forms to participate in Skeleton Key SSO without
needing to introduce the new auth-server login form.
Thanks much for taking a few minutes help.
*Doug Schnelzer*
*Technical Director, **Vizuri*
*571-969-3793*
