Hi Emanuele, I have no direct experience with the Keycloak plugin, but quickly scanning the code, it definitely tries to fetch roles, by making extra requests to the Keycloak server, around here: https://github.com/geoserver/geoserver/blob/e48780cacce179dc4d70ea6f1928f25f236e50ab/src/community/security/keycloak/src/main/java/org/geoserver/security/keycloak/KeycloakRESTClient.java#L92
I see there is some logging, so setting the log level to "geoserver developer logging" might give you something to work on. If it's not enough a step by step debug session is needed... if that's the case, see here: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-fixes,-improvements-and-new-features-in-GeoServer Cheers Andrea On Wed, May 24, 2023 at 3:24 PM <[email protected]> wrote: > Hi, > > I'm trying to build an infrastucturewith GeoServer which uses Keycloak as > a service for authentication and managing roles. I'm using this > <https://docs.geoserver.org/2.23.x/en/user/community/keycloak/index.html> > documentation > to enable Keycloak and it seems to work with the authentication part, but i > can't seem to be able to make geoserver sync with Keycloak roles. > I followed step by step the guide, although the keycloak interface has > changed from the images in the guide, but i can't find a way to make it > work. > > I created the roles in keycloak, assigned them to some users. In Geoserver > I added a new Keycloak Role Service, added to the authentication filter, > set it to active role service, but it doesn't sync the roles. > > I don't know how to find out what the problem is and the online > documentation / blogs are very scarce. > > I'm using Geoserver 2.22.3 with Keycloak plugin version 2.22-SNAPSHOT. > > Thank you in advance for the support, > Emanuele. > _______________________________________________ > Geoserver-users mailing list > > Please make sure you read the following two resources before posting to > this list: > - Earning your support instead of buying it, but Ian Turton: > http://www.ianturton.com/talks/foss4g.html#/ > - The GeoServer user list posting guidelines: > http://geoserver.org/comm/userlist-guidelines.html > > If you want to request a feature or an improvement, also see this: > https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer > > > [email protected] > https://lists.sourceforge.net/lists/listinfo/geoserver-users > -- Regards, Andrea Aime == GeoServer Professional Services from the experts! Visit http://bit.ly/gs-services-us for more information. == Ing. Andrea Aime @geowolf Technical Lead GeoSolutions Group phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549 https://www.geosolutionsgroup.com/ http://twitter.com/geosolutions_it ------------------------------------------------------- Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
