7:42 a.m.
Hi,
Somehow, when using keycloak SAML auth on our application, chrome on
windows is presenting us a basic http popup logon window.
In that case, the URL looks like:
We have to cancel that popup, to end up in the regular keycloak login page.
The URL then becomes:
Since this only happens on chrome on windows, I thought that this
perhaps was a kerberos-auth going wrong. So i disabled kerberos, but it
keeps happening.
Using other browsers, we end up in the regular second /login-actions/
logon screen straight away.
The chrome popup is also NOT useable: if we provide a valid
username/password, we will NOT become authenticated, but we end up in
the "WE'RE SORRY... Unexpected error when handling authentication
request to identity provider."
Can anyone explain this? (keycloak 2.3.0)
MJ
2:23 p.m.
On 13/12/16 14:42, lists wrote:
Hi,
Somehow, when using keycloak SAML auth on our application, chrome on
windows is presenting us a basic http popup logon window.
In that case, the URL looks like:
>
https://keycloak.company.com/auth/realms/testrealm/protocol/saml?SAMLRequ....
We have to cancel that popup, to end up in the regular keycloak login page.
The URL then becomes:
>
https://keycloak.company.com/auth/realms/testrealm/login-actions/authenti....
Since this only happens on chrome on windows, I thought that this
perhaps was a kerberos-auth going wrong. So i disabled kerberos, but it
keeps happening.
Depends what exactly means "I disabled kerberos" ? Did
you switch the
SPNEGO authenticator in the "Browser" authenticationFlow of your realm
to DISABLED?
Marek
Using other browsers, we end up in the regular second /login-actions/
logon screen straight away.
The chrome popup is also NOT useable: if we provide a valid
username/password, we will NOT become authenticated, but we end up in
the "WE'RE SORRY... Unexpected error when handling authentication
request to identity provider."
Can anyone explain this? (keycloak 2.3.0)
MJ
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
midnight
Strange - this should not happen. Do you have steps to reproduce? Please
create a JIRA if you do and also include a screenshot.
On 13 December 2016 at 14:42, lists <lists(a)merit.unu.edu> wrote:
Hi,
Somehow, when using keycloak SAML auth on our application, chrome on
windows is presenting us a basic http popup logon window.
In that case, the URL looks like:
> https://keycloak.company.com/auth/realms/testrealm/
protocol/saml?SAMLRequest=fVHJbsIwEP2VyPfEOCk0sUgkIKVC6o
JK1UMvlZWYYsmxU8%2B4y9%2FXCUKiPXB9M2%2FeMnMQne...
We have to cancel that popup, to end up in the regular keycloak login page.
The URL then becomes:
> https://keycloak.company.com/auth/realms/testrealm/login-
actions/authenticate?code=lmCA9w6F-KuQAefH1Iq5mDpBznYOjP2JE3Znooe
L9Uc.e01284fe-0ad4-4efb-8314-f...
Since this only happens on chrome on windows, I thought that this
perhaps was a kerberos-auth going wrong. So i disabled kerberos, but it
keeps happening.
Using other browsers, we end up in the regular second /login-actions/
logon screen straight away.
The chrome popup is also NOT useable: if we provide a valid
username/password, we will NOT become authenticated, but we end up in
the "WE'RE SORRY... Unexpected error when handling authentication
request to identity provider."
Can anyone explain this? (keycloak 2.3.0)
MJ
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3:57 a.m.
Hi,
On 14-12-2016 7:00, Stian Thorgersen wrote:
Strange - this should not happen. Do you have steps to reproduce?
Please
create a JIRA if you do and also include a screenshot.
I have been trying to reproduce this on 2.4.0 but I cannot. (it was
happening on 2.3.0)
I guess this became fixed somehow.
MJ
2709
days inactive
2716
days old
4 comments
4 participants
participants (4)
-
lists -
Marek Posolda -
mj
-
Stian Thorgersen