2017-06-28 98 views
0

我試圖刪除用戶會話使用keycloak REST API, 但獲取403禁止Http狀態代碼。 我正在將標記和cookie傳遞給標題,請讓我知道如果我錯過了什麼。Keycloak REST API 403禁止

靜態無效的退出(字符串userid,KeycloakSecurityContext會話){

userId = "a12c13b7-fa2e-412f-ac8e-376fdca16a83"; 

    String url = "http://localhost:8081/auth/admin/realms/TestRealm/users/a12c13b7-fa2e-412f-ac8e-376fdca16a83/logout"; 
    HttpClient httpclient = HttpClients.createDefault(); 
    HttpPost httppost = new HttpPost(url); 

    HttpResponse response; 
    try { 

     httppost.addHeader("Accept", "application/json"); 
     httppost.addHeader("Content-Type","application/json"); 
     httppost.addHeader("Cookie", "JSESSIONID=CABD8A135C74864F0961FA629D6D489B"); 
     httppost.addHeader("Authorization", "Bearer "+session.getTokenString()); 


     response = httpclient.execute(httppost); 
     HttpEntity entity = response.getEntity(); 

     System.out.println("entity :"+response.getStatusLine()); 

     if (entity != null) { 
      String responseString = EntityUtils.toString(entity, "UTF-8"); 
      System.out.println("body ....."+responseString); 
     } 
    } catch (ClientProtocolException e) { 
     // TODO Auto-generated catch block 
     e.printStackTrace(); 
    } catch (IOException e) { 
     // TODO Auto-generated catch block 
     e.printStackTrace(); 
    } 

} 

回答

0

使用根據接入功能的用戶需要根據你的境界權利。

例如,我的'admin'用戶需要CLIENT「realm-management」的CLIENT ROLE「view-users」來獲取有關用戶的信息。在你的情況下,當你需要刪除一個用戶時,你可能需要一個角色「manage-users」或者可能更強大一些。