AFAIK, by default x509 authentication in KC uses a decimal representation when mapping
the serial number to a user identity. As a temp workaround, you can try augmenting the DN
field and then configure the x509 auth to use the regular expression identity extractor to
get the value.
My $.02 cents
From: keycloak-user-bounces(a)lists.jboss.org [keycloak-user-bounces(a)lists.jboss.org] on
behalf of Karol Buler [K.Buler(a)adbglobal.com]
Sent: Friday, June 29, 2018 4:21 AM
Subject: [keycloak-user] x509 - serial number as a HEX
is there any possibility to get Serial Number field from certificate in
x509 authentication flow as a HEX value instead of Integer.
I've set the x509 Direct Grant authentication flow to take Serial Number
as a username, and I've expected that there will be a HEX value, which I
see in certificate, but I've got Integer representation of it in my User
Storage Federation's classes.
This message (including any attachments) may contain confidential, proprietary, privileged
and/or private information. The information is intended for the use of the individual or
entity designated above. If you are not the intended recipient of this message, please
notify the sender immediately, and delete the message and any attachments. Any disclosure,
reproduction, distribution or other use of this message or any attachments by an
individual or entity other than the intended recipient is STRICTLY PROHIBITED.
Please note that ADB protects your privacy. Any personal information we collect from you
is used in accordance with our Privacy
and in compliance with applicable
European data protection law (Regulation (EU) 2016/679, General Data Protection
Regulation) and other statutory provisions.
keycloak-user mailing list