Re: [keycloak-user] SAML quickstart example
On 20/02/18 14:01, tdtappe wrote:
Doing my first steps with keycloak I successfully setup a keycloak
(3.4.3.Final) instance and explored the vanilla sample app. Now I want to
try the SAML sample app (app-profile-saml-jee-jsp).
After modifying the web.xml to use KEYCLOAK instead of KEYCLOAK-SAML as the
auth-method (I was getting an error: "Unknown authentication mechanism
KEYCLOAK-SAML") I was able to build and deploy the app to my Wildfly 10.1
instance.
Question: Was it correct to change the auth-method to KEYCLOAK?
No, it's not
correct AFAIK. Method KEYCLOAK can be used just if you
installed the OpenID Connect keycloak adapter subsystem into your
Wildfly and it's useful just for OpenID Connect clients. SAML clients
need KEYCLOAK-SAML authentication mechanism.
Why you changed that? Is it stated in some documentation or README that
SAML clients are supposed to use KEYCLOAK method? If yes, it's not
correct and we should likely fix it.
Marek
If I now access the sample app and click on "Login" (or trying to access
profile.jsp) I get a "Forbidden" error.
AFAICT, I set up keycloak for the sample app as decribed in the
documentation/readme.
Any ideas?
--Heiko
--
Sent from: http://keycloak-user.88327.x6.nabble.com/
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user