[keycloak-user] Basic auth and Authentication popup
Dragan Jotanovic
draganj at gmail.com
Tue Jun 14 05:56:31 EDT 2016
Thanks, Marek,
I will try out the JAAS Real approach. I need authentication popup for some
legacy flex application which we can not change.
Thanks,
Dragan
On Tue, Jun 14, 2016 at 9:54 AM, Marek Posolda <mposolda at redhat.com> wrote:
> Hi,
>
> The main point of Keycloak is to provide SSO for browser based apps. BASIC
> authentication is currently supported just for REST endpoints, so no
> authentication popup. And it's generally not recommended. So if you have
> opportunity to redesign and avoid BASIC authentication and authentication
> popup, that would be the preferred way IMO.
>
> Otherwise if you really need BASIC authentication with the popup, then it
> will be better to avoid use Keycloak adapter at all in your WAR. Instead
> you can likely use Tomcat JAAS realm and configure the Keycloak JAAS login
> module (probably DirectAccessGrantsLoginModule) -
> https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/jaas.html
>
> Marek
>
> Not sure why you want authentication popup?
> On 14/06/16 00:01, Dragan Jotanovic wrote:
>
> Hi there,
>
> I have a war application deployed to tomcat that is currently secured with
> BASIC authentication through tomcat's realm. When I try to access secured
> page, the authentication popup appears.
> I would like to switch to keycloak securitu but I'm not sure if it is
> possible to configure keycloak to force this authentication popup.
> I tried setting it up but when I try to access the secured page, instead
> of authentication popup I am redirected to keycloak page "Client is not
> allowed to initiate browser login with given response_type. Standard flow
> is disabled for the client."
> I've followed the instructions from
> <https://github.com/keycloak/keycloak/tree/master/examples/basic-auth>
> https://github.com/keycloak/keycloak/tree/master/examples/basic-auth and
> http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#tomcat-adapter
> .
>
> Is it possible to setup tomcat and keycloak so that the authentication
> popup would be forced to appear?
>
> Thanks
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160614/d0c7a319/attachment.html
More information about the keycloak-user
mailing list