10:43 a.m.
Hello,
I currently have Keycloak (5.0.0) configured to use X.509 client
certificate authentication. However I have not been able to figure out a
good way to handle the registration flow. What I would like to happen is
have the `username` field on the registration form automatically populated
with the certificate CN. Is there a way to handle this out of the box, or
do I need to write a custom authentication SPI?
Thanks,
Justin W.
2:58 a.m.
On 24/04/2019 17:43, Justin Williams wrote:
Hello,
I currently have Keycloak (5.0.0) configured to use X.509 client
certificate authentication. However I have not been able to figure out a
good way to handle the registration flow. What I would like to happen is
have the `username` field on the registration form automatically populated
with the certificate CN. Is there a way to handle this out of the box, or
do I need to write a custom authentication SPI?
I think you need to write custom Authentication SPI. See documentation
for the Registration SPI - maybe we have some examples or quickstarts
for this, but not 100% sure.
Marek
Thanks,
Justin W.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:21 a.m.
As far as I remember the X509 registration flow is not implemented.
You may search the mailing list from my previous responses on similar
topics. I believe someone from the community volunteered to contribute it
(but I might be wrong here).
On Fri, Apr 26, 2019 at 10:00 AM Marek Posolda <mposolda(a)redhat.com> wrote:
On 24/04/2019 17:43, Justin Williams wrote:
> Hello,
>
> I currently have Keycloak (5.0.0) configured to use X.509 client
> certificate authentication. However I have not been able to figure out a
> good way to handle the registration flow. What I would like to happen is
> have the `username` field on the registration form automatically
populated
> with the certificate CN. Is there a way to handle this out of the box, or
> do I need to write a custom authentication SPI?
I think you need to write custom Authentication SPI. See documentation
for the Registration SPI - maybe we have some examples or quickstarts
for this, but not 100% sure.
Marek
>
> Thanks,
> Justin W.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2072
days inactive
2074
days old
2 comments
3 participants
participants (3)
-
Justin Williams -
Marek Posolda -
Sebastian Laskawiec