Re: [keycloak-user] JBoss EAP/WildFly Adapter - JAAS Login Module for OTP

Hi According to the Security APP Documentation , I can provide an adapter config file in WAR and change the auth-method to KEYCLOAK within web.xml. Alternatively, I don’t have to modify WAR at all and I can secure it via the Keycloak adapter subsystem configuration in the configuration file, such as standalone.xml But my app have a FORM Login Authentication mechanism: in web.xml I have so <login-config> <auth-method>FORM</auth-method> <realm-name></realm-name> <form-login-config> <form-login-page>/Login.jsp</form-login-page> <form-error-page>/LoginError.jsp</form-error-page> </form-login-config> </login-config> and accoding to this the Login.jsp is submitting value to the "j_security_check" I want continue to use this but I want KEYCLOAK take control to check credentials (and manage the OTP) It is not clear (not able to found) if there is some "standard" adapater or login module available and the "name" to give to the OTP field in the login form e.g. using PicketBox https://developer.jboss.org/wiki/OTPIntegrationWithJBossApplicationServer but now PicketLink and Keycloak projects are merged and I want to use a similar way using OTP and the Keycloak server So I'm looking for the Keycloak replacement of JBossTimeBasedOTPLoginModule (and related setup) <login-module code="org.jboss.security.auth.spi.otp.JBossTimeBasedOTPLoginModule" /> Do you have any idea? Thanks _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user