<div dir="ltr">Thanks, Marek,<div>I will try out the JAAS Real approach. I need authentication popup for some legacy flex application which we can not change.</div><div><br></div><div>Thanks,</div><div>Dragan</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jun 14, 2016 at 9:54 AM, Marek Posolda <span dir="ltr">&lt;<a href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    <div>Hi,<br>
      <br>
      The main point of Keycloak is to provide SSO for browser based
      apps. BASIC authentication is currently supported just for REST
      endpoints, so no authentication popup. And it&#39;s generally not
      recommended. So if you have opportunity to redesign and avoid
      BASIC authentication and authentication popup, that would be the
      preferred way IMO.<br>
      <br>
      Otherwise if you really need BASIC authentication with the popup,
      then it will be better to avoid use Keycloak adapter at all in
      your WAR. Instead you can likely use Tomcat JAAS realm and
      configure the Keycloak JAAS login module (probably
      DirectAccessGrantsLoginModule) -
<a href="https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/jaas.html" target="_blank">https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/jaas.html</a><br>
      <br>
      Marek<br>
      <br>
      Not sure why you want authentication popup? <br><div><div class="h5">
      On 14/06/16 00:01, Dragan Jotanovic wrote:<br>
    </div></div></div>
    <blockquote type="cite"><div><div class="h5">
      <div dir="ltr">Hi there,
        <div><br>
        </div>
        <div>I have a war application deployed to tomcat that is
          currently secured with BASIC authentication through tomcat&#39;s
          realm. When I try to access secured page, the authentication
          popup appears.</div>
        <div>I would like to switch to keycloak securitu but I&#39;m not
          sure if it is possible to configure keycloak to force this
          authentication popup.</div>
        <div>I tried setting it up but when I try to access the secured
          page, instead of authentication popup I am redirected to
          keycloak page &quot;<span>Client is
            not allowed to initiate browser login with given
            response_type. Standard flow is disabled for the client.</span>&quot;</div>
        <div>I&#39;ve followed the instructions fromĀ <a href="https://github.com/keycloak/keycloak/tree/master/examples/basic-auth" target="_blank"></a><a href="https://github.com/keycloak/keycloak/tree/master/examples/basic-auth" target="_blank">https://github.com/keycloak/keycloak/tree/master/examples/basic-auth</a>
          andĀ <a href="http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#tomcat-adapter" target="_blank">http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#tomcat-adapter</a>.</div>
        <div><br>
        </div>
        <div>Is it possible to setup tomcat and keycloak so that the
          authentication popup would be forced to appear?</div>
        <div><br>
        </div>
        <div>Thanks</div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      </div></div><pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
  </div>

</blockquote></div><br></div>