<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">ah, you want to display custom error
messages on login screen. It seems you may need to override the
UsernamePasswordForm . Take a look at Authentication SPI
documentation and examples for how to do it.<br>
<br>
Btv. not sure if it's very good to create custom messages based on
errors as it can give potential attacker some details about your
users. For example we always display "Invalid username or
password" error regardless if tried username exists or not, so the
attacked doesn't have possibility to "guess" usernames (Some sites
display "Invalid user" if username doesn't exist and "Invalid
password" if user exists, but password is incorrect. We display
single message in both cases).<br>
<br>
Marek<br>
<br>
On 26/10/15 11:32, alex orl wrote:<br>
</div>
<blockquote
cite="mid:562231933.4426568.1445855536365.JavaMail.yahoo@mail.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff;
font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial,
Lucida Grande, sans-serif;font-size:13px">
<div dir="ltr" id="yui_3_16_0_1_1445854604267_4028">thanks for
your answer. Well, i suddenly tried your suggestion adding a
throw new ModelException("My message"); inside my provider
class.</div>
<div id="yui_3_16_0_1_1445854604267_4140" dir="ltr">The
exception is thrown but the login page is redirected to the
standard error page just displaying the message:</div>
<div id="yui_3_16_0_1_1445854604267_4232" dir="ltr"><br>
</div>
<div id="kc-container" class="">
<div id="kc-container-wrapper" class="">
<div id="kc-header" class="">
<div id="kc-header-wrapper" class=""> We're <strong
class="" id="yui_3_16_0_1_1445854604267_4239">sorry</strong>
...
</div>
</div>
<div id="kc-feedback-placeholder" class=""> </div>
<div id="kc-locale" class="">
<div id="kc-locale-wrapper" class="">
<div class="" id="kc-locale-dropdown"> <br>
</div>
</div>
</div>
<div id="kc-content" class="">
<div id="kc-content-wrapper" class="">
<div id="kc-form" class="">
<div id="kc-form-wrapper" class="">
<div class="" id="kc-error-message">
<div id="yui_3_16_0_1_1445854604267_4251" class="">Unexpected
error when handling authentication request to
identity provider.</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div id="yui_3_16_0_1_1445854604267_4029"><br>
</div>
<div id="yui_3_16_0_1_1445854604267_4011"><br>
</div>
<div id="yui_3_16_0_1_1445854604267_4384">How can i make the "My
Message" exception message to be displayed on the login page?</div>
<div id="yui_3_16_0_1_1445854604267_4518">thanks<br>
<span></span></div>
<div id="yui_3_16_0_1_1445854604267_4383"><span></span></div>
<br>
<div class="qtdSeparateBR"><br>
<br>
</div>
<div style="display: block;" class="yahoo_quoted">
<div style="font-family: HelveticaNeue, Helvetica Neue,
Helvetica, Arial, Lucida Grande, sans-serif; font-size:
13px;">
<div style="font-family: HelveticaNeue, Helvetica Neue,
Helvetica, Arial, Lucida Grande, sans-serif; font-size:
16px;">
<div dir="ltr"> <font face="Arial" size="2"> Il Lunedì 26
Ottobre 2015 8:49, Marek Posolda
<a class="moz-txt-link-rfc2396E" href="mailto:mposolda@redhat.com"><mposolda@redhat.com></a> ha scritto:<br>
</font> </div>
<br>
<br>
<div class="y_msg_container">
<div id="yiv0698708256">
<div>
<div class="yiv0698708256moz-cite-prefix">On
24/10/15 23:27, alex orl wrote:<br clear="none">
</div>
<blockquote type="cite">
<div
style="color:#000;background-color:#fff;font-family:HelveticaNeue,
Helvetica Neue, Helvetica, Arial, Lucida Grande,
sans-serif;font-size:13px;">
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2637"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2639"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2641"
style="line-height:18.2px;">I'm using
jboss keycloak 1.5 final version.</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2643"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2645"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2647"
style="line-height:18.2px;">I developed my
custom user federation provider
interfacing with keycloak properties and
my user enterprise database. </span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2649"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2651"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2653"
style="line-height:18.2px;"><br
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2655"
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2657"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2659"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2661"
style="line-height:18.2px;">My need is to
send up to user the login interface custom
error messages based on particular
specific error related to my legacy user
db.</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2663"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2665"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2667"
style="line-height:18.2px;"><br
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2669"
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2671"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2673"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2675"
style="line-height:18.2px;">I saw keycloak
themes have a resources folder by which i
can localize and add new messages. Then i
can reference them by angular js using </span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2677"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2679"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2681"
style="line-height:18.2px;"><br
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2683"
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2685"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2687"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2689"
style="line-height:18.2px;"> $myMessage</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2691"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2693"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2695"
style="line-height:18.2px;"><br
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2697"
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2699"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2701"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2703"
style="line-height:18.2px;">notation. The
problem is i want to rise up a message
from keycloak server. My user federation
provider implements UserFederationProvider
interface. So i should have to override:</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2705"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2707"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2709"
style="line-height:18.2px;"><br
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2711"
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2713"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2715"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2717"
style="line-height:18.2px;"> @Override</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2719"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2721"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2723"
style="line-height:18.2px;"><span class="yiv0698708256" id="yiv0698708256yui_3_16_0_1_1445721568491_2725" style="white-space:pre-wrap;"> </span>public
CredentialValidationOutput
validCredentials(RealmModel realm,
UserCredentialModel credential) {</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2727"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2729"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2731"
style="line-height:18.2px;"><span class="yiv0698708256" id="yiv0698708256yui_3_16_0_1_1445721568491_2733" style="white-space:pre-wrap;"> </span>LOGGER.info("validCredentials(realm,
credential)");</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2735"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2737"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2739"
style="line-height:18.2px;"><span class="yiv0698708256" id="yiv0698708256yui_3_16_0_1_1445721568491_2741" style="white-space:pre-wrap;"> </span>return
CredentialValidationOutput.failed();</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2743"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2745"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2747"
style="line-height:18.2px;"><span class="yiv0698708256" id="yiv0698708256yui_3_16_0_1_1445721568491_2749" style="white-space:pre-wrap;"> </span>}</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2751"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2753"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2755"
style="line-height:18.2px;"><br
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2757"
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2751"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2901"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2900"
style="line-height:18.2px;"> </span></font>
<div class="yiv0698708256" dir="ltr"
id="yiv0698708256yui_3_16_0_1_1445721568491_2759"
style="color:rgb(0, 0,
0);font-family:HelveticaNeue, 'Helvetica
Neue', Helvetica, Arial, 'Lucida Grande',
sans-serif;line-height:normal;"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2800"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean,
sans-serif, Segoe UI Emoji, Segoe UI
Symbol" color="#333333"><span
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2799"
style="line-height:18.2px;">In the
UserFederationProvider interface i read
that </span></font><span
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2906"
style="line-height:18.2px;color:rgb(51,
51, 51);font-family:Helvetica, arial,
nimbussansl, liberationsans, freesans,
clean, sans-serif, 'Segoe UI Emoji',
'Segoe UI Symbol';">validCredentials :</span></div>
<div class="yiv0698708256" dir="ltr"
id="yiv0698708256yui_3_16_0_1_1445721568491_2759"
style="color:rgb(0, 0,
0);font-family:HelveticaNeue, 'Helvetica
Neue', Helvetica, Arial, 'Lucida Grande',
sans-serif;line-height:normal;"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2876"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean,
sans-serif, Segoe UI Emoji, Segoe UI
Symbol" color="#333333"><span
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2875"><span
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2874"
style="line-height:18.2px;">Validate
credentials of unknown user. The
authenticated user is recognized based
on provided credentials and returned
back in CredentialValidationOutput</span></span></font></div>
</div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2751"><font
class="yiv0698708256" face="Helvetica,
arial, nimbussansl, liberationsans,
freesans, clean, sans-serif, Segoe UI Emoji,
Segoe UI Symbol" color="#333333"><span
class="yiv0698708256"
style="line-height:18.2px;"><br
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2759"><font
class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2761"
face="Helvetica, arial, nimbussansl,
liberationsans, freesans, clean, sans-serif,
Segoe UI Emoji, Segoe UI Symbol"
color="#333333"><span class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2763"
style="line-height:18.2px;">It seems to be
the method i was looking for just because
CredentialValidationOutput contains custom
messages to be sent as validation output.
The problem is this method is never
called.</span></font></div>
</div>
</blockquote>
<font color="#333333"><font face="Helvetica, arial,
nimbussansl, liberationsans, freesans, clean,
sans-serif, Segoe UI Emoji, Segoe UI Symbol">This
method is called by Keycloak just during
use-cases, when you want to authenticate with
unknown user. Which is currently during
Kerberos/SPNEGO login. It's not called during
basic flow with username/password
authentication. <br clear="none">
<br clear="none">
I think if you want to propagate error messages,
you can for example throw ModelException with
the error message you want.</font></font><br
clear="none">
<blockquote type="cite">
<div
style="color:#000;background-color:#fff;font-family:HelveticaNeue,
Helvetica Neue, Helvetica, Arial, Lucida Grande,
sans-serif;font-size:13px;">
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2759"><font
class="yiv0698708256" face="Helvetica,
arial, nimbussansl, liberationsans,
freesans, clean, sans-serif, Segoe UI Emoji,
Segoe UI Symbol" color="#333333"><span
class="yiv0698708256"
style="line-height:18.2px;"><br
clear="none">
</span></font></div>
<div class="yiv0698708256"
id="yiv0698708256yui_3_16_0_1_1445721568491_2759">The
same happens to the close method. It's never
called at the end of each request so i cannot
dispose my objects</div>
<div class="yiv0698708256" dir="ltr"
id="yiv0698708256yui_3_16_0_1_1445721568491_2759"><span
style="line-height:18.2px;color:rgb(51, 51,
51);font-family:Helvetica, arial,
nimbussansl, liberationsans, freesans,
clean, sans-serif, 'Segoe UI Emoji', 'Segoe
UI Symbol';">Why?</span><br clear="none">
</div>
</div>
</blockquote>
Feel free to create JIRA for the close method.<br
clear="none">
<br clear="none">
Marek
<div class="yiv0698708256yqt2250588427"
id="yiv0698708256yqtfd44126"><br clear="none">
</div>
<blockquote type="cite">
<div class="yiv0698708256yqt2250588427"
id="yiv0698708256yqtfd72864"> </div>
<div
style="color:#000;background-color:#fff;font-family:HelveticaNeue,
Helvetica Neue, Helvetica, Arial, Lucida Grande,
sans-serif;font-size:13px;">
<div class="yiv0698708256yqt2250588427"
id="yiv0698708256yqtfd65595">
<div class="yiv0698708256" dir="ltr"
id="yiv0698708256yui_3_16_0_1_1445721568491_2759"><span
id="yiv0698708256yui_3_16_0_1_1445721568491_2938"
style="line-height:18.2px;color:rgb(51,
51, 51);font-family:Helvetica, arial,
nimbussansl, liberationsans, freesans,
clean, sans-serif, 'Segoe UI Emoji',
'Segoe UI Symbol';">Thanks a lot</span></div>
</div>
</div>
<br clear="none">
<fieldset
class="yiv0698708256mimeAttachmentHeader"></fieldset>
<br clear="none">
<pre>_______________________________________________
keycloak-user mailing list
<a moz-do-not-send="true" rel="nofollow" shape="rect" class="yiv0698708256moz-txt-link-abbreviated" ymailto="mailto:keycloak-user@lists.jboss.org" target="_blank" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a moz-do-not-send="true" rel="nofollow" shape="rect" class="yiv0698708256moz-txt-link-freetext" target="_blank" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
<div class="yiv0698708256yqt2250588427"
id="yiv0698708256yqtfd81990"> </div>
</blockquote>
<div class="yiv0698708256yqt2250588427"
id="yiv0698708256yqtfd17232"> <br clear="none">
</div>
</div>
</div>
<br>
<br>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>