By LogIn SPI we mean any SPI for Customizing authentication.
We need to authenticate devices which will come for authentication with their
As per keycloak-dev suggestion currently (Integrated with Keycloak_1.0.4_Final) we are
following below procedure
1. Create a new jaxrs class with two methods, one that returns the nounce and another
that authenticates the client, look at TokenService as a reference for this, specifically
2. Extend KeycloakApplication to add your new class
3. Create your own auth-server war - see 'project-integrations/aerogear-ups' as a
reference for this
Also we were told that keycloak will come up with hooks whereby we can plug in our
authentication mechanism. We want to know whether hooks(LogIn SPI) are provided with
Latest Keycloak 1.1.0_Final Release.
For reference attaching previous discussion with Keycloak-dev.
Instead of Existing one step authentication(user/pass), We need custom certificate based
authentication which is 2-step Authentication as below:
1. Bypass Login screen , instead generate nonce(UUID) and provide intermediate
Endpoint URL for Certificate based authentication.
2. Client will come to Certificate based authentication with its certificate and
encrypted UUID. After Validating Encrypted UUID
and Client certificate server should generate “Access code”.
Lakshmi Narayana V
From: Stian Thorgersen [mailto:firstname.lastname@example.org]
Sent: Tuesday, February 03, 2015 1:40 PM
To: Lakshmi Narayana VADALI (lvadali)
Subject: Re: [keycloak-dev] Do we have Login SPI with Keycloak_1.1.0_Final?
----- Original Message -----
From: "Lakshmi Narayana VADALI (lvadali)"
Sent: Tuesday, 3 February, 2015 8:03:56 AM
Subject: [keycloak-dev] Do we have Login SPI with Keycloak_1.1.0_Final?
Congrats Team for Keycloak 1.1.0.Final Release loaded with features.
We are planning to integrate our code with Latest Keycloak. So Can you
please confirm do we have full support for Below features in
1. Login SPI
Not sure what you're referring to
2. HA Support
3. Clustering Support
Yes, it's one of the top new features in 1.1, so yes of course
Lakshmi Narayana V
keycloak-dev mailing list