[keycloak-user] SAML Identity Broker - First Login/Browser Flow - Password

lason lason at posteo.ru
Fri Jul 28 05:51:41 EDT 2017


Hi guys,

I am currently trying to implement the following SAML broker flow with KC
3.0.1.Final:

Assumption: User not known

User goes to App
User is redirected to KC
User is redirected to SAML IDP and is authenticated there with smartcard
User is redirected back to App
In KC user was created and the assertion attributes were mapped

Now user logs out
User goes to App
User is redirected to KC
User is redirected to SAML IDP and is authenticated there with smartcard
But now KC says invalid username or password

How can it be done that, on the second IDP brokering, the user is redirected
to the app without any password check, using the already existing KC user
info on username match (maybe updating the mapping beforehand in case SAML
attributes changed)?

thanks
regards
lason 


