[keycloak-user] SAML quickstart example

Marek Posolda mposolda at redhat.com
Tue Feb 20 08:15:57 EST 2018


On 20/02/18 14:01, tdtappe wrote:
> Doing my first steps with keycloak I successfully setup a keycloak
> (3.4.3.Final) instance and explored the vanilla sample app. Now I want to
> try the SAML sample app (app-profile-saml-jee-jsp).
> After modifying the web.xml to use KEYCLOAK instead of KEYCLOAK-SAML as the
> auth-method (I was getting an error: "Unknown authentication mechanism
> KEYCLOAK-SAML") I was able to build and deploy the app to my Wildfly 10.1
> instance.
> Question: Was it correct to change the auth-method to KEYCLOAK?
No, it's not correct AFAIK. Method KEYCLOAK can be used just if you 
installed the OpenID Connect keycloak adapter subsystem into your 
Wildfly and it's useful just for OpenID Connect clients. SAML clients 
need KEYCLOAK-SAML authentication mechanism.

Why you changed that? Is it stated in some documentation or README that 
SAML clients are supposed to use KEYCLOAK method? If yes, it's not 
correct and we should likely fix it.

Marek
>
> If I now access the sample app and click on "Login" (or trying to access
> profile.jsp) I get a "Forbidden" error.
> AFAICT, I set up keycloak for the sample app as decribed in the
> documentation/readme.
>
> Any ideas?
>
> --Heiko
>
>
>
> --
> Sent from: http://keycloak-user.88327.x6.nabble.com/
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user




More information about the keycloak-user mailing list