<div dir="ltr">Well... No chance we'll add that out of the box ;)<div><br></div><div>Simple to implement yourself though, seeĀ <a href="https://keycloak.gitbooks.io/server-developer-guide/content/topics/auth-spi.html">https://keycloak.gitbooks.io/server-developer-guide/content/topics/auth-spi.html</a></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 13 September 2016 at 16:48, Jess Sightler <span dir="ltr"><<a href="mailto:jsightle@redhat.com" target="_blank">jsightle@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p>Well, this be insecurity by design. :) Basically we would like to
turn off security completely in some cases for local
installations, but this brings a lot of deployment related
considerations (multiple descriptors, conditional logic around the
logged in user, etc).</p>
<p>An authenticator that is essentially just a bypass would
accomplish the same thing without the additional complexity. It
would be similar to a default "unauthenticatedIdentity", except
with a default role as well.<br>
</p><div><div class="h5">
<br>
<div>On 09/13/2016 05:01 AM, Stian
Thorgersen wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">No there isn't anything like that. Sounds like a
potential hackers heaven as well.
<div><br>
</div>
<div>Assuming you've got the idea from WildFly. WildFly can do
that by writing to a local file to make sure the user is
indeed on the local machine. That doens't work in a web based
flow unless you can find a way to "share" a file between the
Keycloak server and the browser.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 12 September 2016 at 17:17, Jess
Sightler <span dir="ltr"><<a href="mailto:jsightle@redhat.com" target="_blank">jsightle@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Is there a
builtin authenticator that can provide a default user
account<br>
based upon some criteria? For example, could we provide a
default user<br>
if the client is connecting to localhost?<br>
<br>
______________________________<wbr>_________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/keycloak-user</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br></div>