java - Keycloak: Send AdminEvent from custom Endpoint (SPI)
问题描述
I have a Keycloak
extension (Custom Endpoints, SPI). Now I want to add sending of AdminEvents
, which I implemented as follows:
private void logAdminEvent(ClientConnection clientConnection, UserRepresentation rep, OperationType operation, ResourceType resource) {
RealmModel realm = session.getContext().getRealm();
// beware: clientConnection must not be null because of missing check for NullPointer in Keycloak
ClientModel client = realm.getClientByClientId(ROLE_ATTRIBUTE_CLIENT);
AdminAuth adminAuth = new AdminAuth(realm, authResult.getToken(), authResult.getUser(), client);
AdminEventBuilder adminEvent = new AdminEventBuilder(realm, adminAuth, session, clientConnection);
adminEvent
.operation(operation)
.resource(resource)
.authIpAddress(authResult.getSession().getIpAddress())
.authClient(client)
.resourcePath(session.getContext().getUri())
.representation(rep);
adminEvent
.success();
}
I am aware that the admin event
logging must be activated in Keycloak admin console, which I did.
Maybe it is relevant that the logged in user has no administration privileges, but it also did not work when I gave admin privileges.
I need Ideas or Hints to what I am doing wrong here. Documentation and web research unfortunately did not help.
解决方案
Take a look at Keycloak sources, especially something like RootAdminResource
. As far as i remember all admin resources (e.g. controllers
) create events
via builder
that cloned from builder
that was injected via constructor by parent resource. You may be missing some initialization tricks.
推荐阅读
- javascript - Discord bot 不响应用户输入的命令
- c - C-Linker:如何用一些具有预定义地址的内存段划分内存并填充剩余的可用空间?
- api - 颤动的世界时间
- javascript - 需要点击两次保存按钮
- c++ - 通过使用 size_t 的否定来翻转最低有效一位
- java - 刷新活动而不关闭它
- sql - SQL如何避免groupby
- spring-security - SpringSecurity 中的多个入口点不起作用
- reactjs - 如何在午夜重置变量?- React Native 移动应用程序
- docker - 在 Docker 映像中运行气流命令错误:[Errno 13] Permission denied: '/opt/airflow/logs/scheduler/