Hello.
We currently are using Keycloak with Kerberos and SAML browser authentication (both set to
ALTERNATIVE). We have a requirement to try SAML authentication first then try Kerberos.
This works properly when attempting from outside the Kerberos domain. When trying inside
the domain Kerberos always win out. Is it possible to set the authentication order to try
SAML first then Kerberos? I am not sure if this is possible or not with Keycloak but
wanted more info on if this is possible or not. If it is possible how would we configure
this?
Thanks!!!!
Show replies by date