I'm looking to move our product to Keycloak for authentication/authorization.  Currently some of our apps/services are protected with Java's form-based authentication.  In particular, certain clients (Java and .Net) are making HTTP POSTs of username/password to a URI such as:

   http://[SERVER]:8080/my_resource/j_security_check

They are then including all cookies in the POST response on all subsequent HTTP requests.

I was wondering if there was way to mimic/redirect/support this behavior in a Keycloak protected service without requiring changes in the various client code accessing it as described above.  If it helps, I'll be enabling Keycloak's basic auth support (over SSL) as well.

Any hints or possible solutions would be greatly appreciated.

Thanks,

Guy