By LogIn SPI we mean any SPI for Customizing authentication.
We need to authenticate devices which will come for authentication with their
certificate.
As per keycloak-dev suggestion currently (Integrated with Keycloak_1.0.4_Final) we are
following below procedure
1. Create a new jaxrs class with two methods, one that returns the nounce and another
that authenticates the client, look at TokenService as a reference for this, specifically
at TokenService.grantAccessToken.
2. Extend KeycloakApplication to add your new class
3. Create your own auth-server war - see 'project-integrations/aerogear-ups' as a
reference for this
Also we were told that keycloak will come up with hooks whereby we can plug in our
authentication mechanism. We want to know whether hooks(LogIn SPI) are provided with
Latest Keycloak 1.1.0_Final Release.
For reference attaching previous discussion with Keycloak-dev.
Our Requirement:
Instead of Existing one step authentication(user/pass), We need custom certificate based
authentication which is 2-step Authentication as below:
1. Bypass Login screen , instead generate nonce(UUID) and provide intermediate
Endpoint URL for Certificate based authentication.
2. Client will come to Certificate based authentication with its certificate and
encrypted UUID. After Validating Encrypted UUID
and Client certificate server should generate “Access code”.
Thanks,
Lakshmi Narayana V
-----Original Message-----
From: Stian Thorgersen [mailto:stian@redhat.com]
Sent: Tuesday, February 03, 2015 1:40 PM
To: Lakshmi Narayana VADALI (lvadali)
Cc: keycloak-dev(a)lists.jboss.org
Subject: Re: [keycloak-dev] Do we have Login SPI with Keycloak_1.1.0_Final?
----- Original Message -----
From: "Lakshmi Narayana VADALI (lvadali)"
<lvadali(a)cisco.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Tuesday, 3 February, 2015 8:03:56 AM
Subject: [keycloak-dev] Do we have Login SPI with Keycloak_1.1.0_Final?
Congrats Team for Keycloak 1.1.0.Final Release loaded with features.
We are planning to integrate our code with Latest Keycloak. So Can you
please confirm do we have full support for Below features in
Keycloak_1.1.0_Final Release.
1. Login SPI
Not sure what you're referring to
2. HA Support
Yes
3. Clustering Support
Yes, it's one of the top new features in 1.1, so yes of course
Thanks,
Lakshmi Narayana V
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev