[keycloak-dev] Do we have Login SPI with Keycloak_1.1.0_Final?

Lakshmi Narayana VADALI (lvadali) lvadali at cisco.com
Tue Feb 3 04:58:09 EST 2015 

By LogIn SPI  we mean any SPI for Customizing authentication. 

We need to authenticate  devices which will come for authentication with their  certificate. 
As per keycloak-dev suggestion currently (Integrated with Keycloak_1.0.4_Final) we are following below procedure
	1. Create a new jaxrs class with two methods, one that returns the nounce and another that authenticates the client, look at TokenService as a reference for this, specifically at TokenService.grantAccessToken.
	2. Extend KeycloakApplication to add your new class 
	3. Create your own auth-server war - see 'project-integrations/aerogear-ups' as a reference for this
Also we were told that keycloak will come up with hooks whereby we can plug in our authentication mechanism. We want to know whether hooks(LogIn SPI) are provided with Latest Keycloak 1.1.0_Final Release. 

For reference attaching previous discussion with Keycloak-dev.

Our Requirement:
Instead of Existing one step authentication(user/pass), We  need custom certificate based authentication which is 2-step Authentication as below:
    1. Bypass Login screen , instead generate nonce(UUID) and provide intermediate Endpoint URL for Certificate based authentication.
    2. Client will come to Certificate based authentication with its certificate and encrypted UUID.  After Validating Encrypted UUID 
       and Client certificate server should generate “Access code”.


Thanks,
Lakshmi Narayana V


-----Original Message-----
From: Stian Thorgersen [mailto:stian at redhat.com] 
Sent: Tuesday, February 03, 2015 1:40 PM
To: Lakshmi Narayana VADALI (lvadali)
Cc: keycloak-dev at lists.jboss.org
Subject: Re: [keycloak-dev] Do we have Login SPI with Keycloak_1.1.0_Final?



----- Original Message -----
> From: "Lakshmi Narayana VADALI (lvadali)" <lvadali at cisco.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Tuesday, 3 February, 2015 8:03:56 AM
> Subject: [keycloak-dev] Do we have Login SPI with Keycloak_1.1.0_Final?
> 
> 
> 
> 
> 
> Congrats Team for Keycloak 1.1.0.Final Release loaded with features.
> 
> 
> 
> We are planning to integrate our code with Latest Keycloak. So Can you 
> please confirm do we have full support for Below features in 
> Keycloak_1.1.0_Final Release.
> 
> 
> 
> 1. Login SPI

Not sure what you're referring to

> 
> 2. HA Support

Yes

> 
> 3. Clustering Support

Yes, it's one of the top new features in 1.1, so yes of course

> 
> 
> 
> Thanks,
> 
> Lakshmi Narayana V
> 
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
-------------- next part --------------
An embedded message was scrubbed...
From: Stian Thorgersen <stian at redhat.com>
Subject: Re: [keycloak-dev] Customising Keycloak Authentication flow
Date: Tue, 9 Sep 2014 09:43:43 +0000
Size: 8441
Url: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150203/61ef02dc/attachment-0001.mht

More information about the keycloak-dev mailing list