[keycloak-user] Basic auth and Authentication popup
Marek Posolda
mposolda at redhat.com
Tue Jun 14 04:54:40 EDT 2016
Hi,
The main point of Keycloak is to provide SSO for browser based apps.
BASIC authentication is currently supported just for REST endpoints, so
no authentication popup. And it's generally not recommended. So if you
have opportunity to redesign and avoid BASIC authentication and
authentication popup, that would be the preferred way IMO.
Otherwise if you really need BASIC authentication with the popup, then
it will be better to avoid use Keycloak adapter at all in your WAR.
Instead you can likely use Tomcat JAAS realm and configure the Keycloak
JAAS login module (probably DirectAccessGrantsLoginModule) -
https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/jaas.html
Marek
Not sure why you want authentication popup?
On 14/06/16 00:01, Dragan Jotanovic wrote:
> Hi there,
>
> I have a war application deployed to tomcat that is currently secured
> with BASIC authentication through tomcat's realm. When I try to access
> secured page, the authentication popup appears.
> I would like to switch to keycloak securitu but I'm not sure if it is
> possible to configure keycloak to force this authentication popup.
> I tried setting it up but when I try to access the secured page,
> instead of authentication popup I am redirected to keycloak page
> "Client is not allowed to initiate browser login with given
> response_type. Standard flow is disabled for the client."
> I've followed the instructions from
> https://github.com/keycloak/keycloak/tree/master/examples/basic-auth
> and
> http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#tomcat-adapter.
>
> Is it possible to setup tomcat and keycloak so that the authentication
> popup would be forced to appear?
>
> Thanks
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160614/10b99064/attachment.html
More information about the keycloak-user
mailing list