<div dir="ltr">I'll give you an example:<div><br></div><div>We have a situation in our website where we only ask for the user's e-mail, and he can go on with the flow.</div><div><br></div><div>On a determined step of the flow, if we identify that this is an e-mail that we already have in our user database, we ask him for his password, authenticate him, and let him go on, if this e-mail is new, we redirect him to a page where he can register himself, and after that continue on.</div>
<div><br></div><div>On this specific case and others, we wouldn't like to have to redirect him to keycloak, because that would interrupt the flow that we designed.</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Wed, Jul 16, 2014 at 4:39 PM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<a href="http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html/direct-access-grants.html" target="_blank">http://docs.jboss.org/<u></u>keycloak/docs/1.0-beta-3/<u></u>userguide/html/direct-access-<u></u>grants.html</a><br>
<br>
If you have to do it this way, please let us know why. Maybe we can solve the issue within keycloak itself.<div class=""><br>
<br>
On 7/16/2014 3:35 PM, Rodrigo Sasaki wrote:<br>
</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">
Just for the sake of conversation, if I did want to handle my own login<br>
page, would there be a way for me to do it?<br>
<br>
<br>
On Tue, Jul 15, 2014 at 2:35 PM, Rodrigo Sasaki<br></div><div class="">
<<a href="mailto:rodrigopsasaki@gmail.com" target="_blank">rodrigopsasaki@gmail.com</a> <mailto:<a href="mailto:rodrigopsasaki@gmail.com" target="_blank">rodrigopsasaki@gmail.<u></u>com</a>>> wrote:<br>
<br>
I don't want to miss out on all of that, which is why we're mostly<br>
migrating everything to use keycloak that way.<br>
<br>
It's just that we have cases that are so specific, that it would be<br>
better to authenticate the user in a different manner, create the<br>
user session and everything, without redirecting.<br>
<br>
I'll have a look at that code. Thanks!<br>
<br>
<br>
On Tue, Jul 15, 2014 at 2:19 PM, Bill Burke <<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a><br></div><div><div class="h5">
<mailto:<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>>> wrote:<br>
<br>
If you want to handle your own login pages, IMO, you are missing<br>
out on<br>
a lot of Keycloak features. Specifically:<br>
<br>
* SSO<br>
* forgot password<br>
* admin forced credential reset/setup<br>
<br>
<br>
Login pages can be styled however you like to look like your<br>
application.<br>
<br>
There is a REST api for obtaining an access token. Here is an<br>
example:<br>
<br>
<a href="https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java" target="_blank">https://github.com/keycloak/<u></u>keycloak/blob/master/examples/<u></u>demo-template/admin-access-<u></u>app/src/main/java/org/<u></u>keycloak/example/AdminClient.<u></u>java</a><br>
<br>
On 7/15/2014 12:36 PM, Rodrigo Sasaki wrote:<br>
> Is there a way to authenticate the user without having to<br>
input username<br>
> and password on the login page?<br>
><br>
> For example:<br>
><br>
> Say there's a situation in my application where I request the<br>
user for<br>
> his username and password, and I wouldn't like to redirect<br>
that to the<br>
> keycloak login page to authenticate him, would there be a way<br>
for me to<br>
> do that?<br>
><br>
> --<br>
> Rodrigo Sasaki<br>
><br>
><br>
> ______________________________<u></u>_________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br></div></div>
<mailto:<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.<u></u>jboss.org</a>><div class=""><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/<u></u>mailman/listinfo/keycloak-user</a><br>
><br>
<br>
--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
______________________________<u></u>_________________<br>
keycloak-user mailing list<br></div>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a> <mailto:<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.<u></u>jboss.org</a>><div class="">
<br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/<u></u>mailman/listinfo/keycloak-user</a><br>
<br>
<br>
<br>
<br>
--<br>
Rodrigo Sasaki<br>
<br>
<br>
<br>
<br>
--<br>
Rodrigo Sasaki<br>
</div></blockquote>
<br><div class="HOEnZb"><div class="h5">
-- <br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr"><font face="Times New Roman">Rodrigo Sasaki</font><div></div></div>
</div>