You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/03/08 07:08:51 UTC

[GitHub] [apisix] juzhiyuan commented on a change in pull request #6485: feat: authz-keycloak plugin support redirect not authorized user

juzhiyuan commented on a change in pull request #6485:
URL: https://github.com/apache/apisix/pull/6485#discussion_r821377757



##########
File path: docs/en/latest/plugins/authz-keycloak.md
##########
@@ -63,6 +63,7 @@ For more information on Keycloak, refer to [Keycloak Authorization Docs](https:/
 | keepalive                      | boolean       | optional    | true                                          |                                                                    | Enable HTTP keep-alive to keep connections open after use. Set to `true` if you expect a lot of requests to Keycloak.                                       |
 | keepalive_timeout              | integer       | optional    | 60000                                         | positive integer >= 1000                                           | Idle timeout after which established HTTP connections will be closed.                                                                                       |
 | keepalive_pool                 | integer       | optional    | 5                                             | positive integer >= 1                                              | Maximum number of connections in the connection pool.                                                                                                       |
+| access_denied_redirect_uri     | string        | optional    |                                               | [1, 2048]                                          | Redirect not authorized user with the given uri like "http://127.0.0.1/test", instead of returning `"error_description":"not_authorized"`.                                             |

Review comment:
       ```suggestion
   | access_denied_redirect_uri     | string        | optional    |                                               | [1, 2048]                                          | Redirect unauthorized user with the given uri like "http://127.0.0.1/test", instead of returning `"error_description":"not_authorized"`.                                             |
   ```

##########
File path: docs/zh/latest/plugins/authz-keycloak.md
##########
@@ -49,6 +49,8 @@ title: authz-keycloak
 | refresh_token_expires_leeway| integer       | 可选   | 0           | [0, ...]                            | refresh token 提前更新时间(秒,如果设置了此值,允许在该时间段内使用相同的 refresh token 令牌来解决潜在的网络并发问题)                                                                   |
 | ssl_verify                  | boolean       | 可选   | true        | [0, ...]                            | 验证 SSL 证书与主机名是否匹配                                                                   |
 | policy_enforcement_mode     | string        | 可选   | "ENFORCING" | ["ENFORCING", "PERMISSIVE"] |                                                                                                 |
+| access_denied_redirect_uri  | string        | 可选   |             | [1, 2048]                           |未授权的用户不会返回 `"error_description":"not_authorized"`,而是会定重定向至给定的uri,如 "http://127.0.0.1/test"

Review comment:
       ```suggestion
   | access_denied_redirect_uri  | string        | 可选   |             | [1, 2048]                           |未授权的用户不会返回 `"error_description":"not_authorized"`,而是会重定向至给定的 uri,如 "http://127.0.0.1/test"
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org