[keycloak-user] Login without Keycloak Login Page
Bill Burke
bburke at redhat.com
Mon Dec 19 10:28:59 EST 2016
I looked at the image, specifically the @Path("/login") JAX-RS method.
What you are attempting will just not work. Period. I don't think you
understand how basic servlet, JAX-RS, and HTTP works along with how Open
ID Connection works. OpenID Connect (and SAML) require browser
redirects. In looking at your code, you're expecting authenticate() to
redirect the browser to keycloak, have the user login, then redirect
back. This just doesn't do what you expect. And it shouldn't.
Calling servletRequest.authenticate() sets a 302 response with a
Location header pointing back to the server. That's it... You
actually override what authenticate() did by returning a JAX-RS response.
More information about the keycloak-user
mailing list