<div dir="ltr"><div><div><div><div>Hi Thomas,<br><br></div>As you suggested I tried out in implementing a custom Required Action. It worked fine for normal Browser auth flow, but didn't for the Direct Grant auth flow (doesn't even return tokens when a Required Action is in place). Hence I had to implement the same through a custom Authentication Flow (extra Execution step) and added it to both Browser and Direct Grant flows. Now it seems to be working fine.<br><br></div>Many thanks for your initial suggestion that paved the way to get this done!<br><br></div><div>Thanks Marek for your suggestion as well - but as per our use case, retrieving data from existing user sessions would not work.<br> <br></div><div><br></div>Regards,<br></div>Lohitha.<br><div><div><div><div><div><div><br><br></div></div></div></div></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 13, 2016 at 3:14 PM, Lohitha Chiranjeewa <span dir="ltr"><<a href="mailto:kalc04@gmail.com" target="_blank">kalc04@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Thanks for suggestions guys, will try out and see how it works.<br><br></div>Regards,<br></div>Lohitha. <br></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 11, 2016 at 12:53 PM, Marek Posolda <span dir="ltr"><<a href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Another possibility is to look at
userSession (this info is available in admin console). When user
authenticates, the new userSession is created for him with the
"started" attribute containing the time of authentication. In
admin console (and also via REST endpoints) there is possibility
to look at all userSessions of particular user, so you can chose
the one with last "started" attribute.<br>
<br>
This requires some additional work for parse userSessions and also
there is corner case when this info is not accurate (as new
userSession is also created when "verify-email" is requested for
particular user, which is not the time of successful
authentication of particular user).<br>
<br>
On the other hand, you don't need the custom Authenticator
implementation. And there is also performance penalty in store the
info in DB in user attributes, because you need to write to DB and
update user during each login.<span><font color="#888888"><br>
<br>
Marek</font></span><div><div><br>
<br>
<br>
On 10/05/16 17:10, Thomas Darimont wrote:<br>
</div></div></div><div><div>
<blockquote type="cite">
<div dir="ltr">Would be great to store some additional information
like:
<div>- count of failed logins</div>
<div>- last failed login date</div>
<div><br>
</div>
<div>Cheers,</div>
<div>Thomas</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2016-05-10 14:38 GMT+02:00 Thomas
Darimont <span dir="ltr"><<a href="mailto:thomas.darimont@googlemail.com" target="_blank">thomas.darimont@googlemail.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hello,
<div><br>
</div>
<div>I implemented a custom RequiredAction that maintains
stuff like:</div>
<div>- first login time</div>
<div>- most recent login time</div>
<div>- login count</div>
<div>in user attributes.</div>
<div><br>
</div>
<div>Cheers,</div>
<div>Thomas</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">
<div>
<div>2016-05-10 14:35 GMT+02:00 Lohitha
Chiranjeewa <span dir="ltr"><<a href="mailto:kalc04@gmail.com" target="_blank"></a><a href="mailto:kalc04@gmail.com" target="_blank">kalc04@gmail.com</a>></span>:<br>
</div>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<div>
<div dir="ltr">
<div>
<div>
<div>Hi,<br>
<br>
</div>
Is there a way to retrieve the last login
time of a given user? <br>
<br>
I checked the Admin Console, Rest
specification and the mysql DB structure but
couldn't find a place where that bit of
information could be stored and retrieved
from. Have I missed a place or is that
feature not available (yet)?<br>
<br>
<br>
</div>
Regards,<br>
</div>
Lohitha.<br>
</div>
<br>
</div>
</div>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>