5:31 a.m.
I am looking to use KeyCloak to authenticate our software.
Some of our the components of our software are java desktop applications.
I know that I can send an openid connection from my application to KeyCloak
to get a JWT. Looking at this protocol, it seems only to support
username/password. Is there a recommended way to use Kerberose, to
authenticate so that my windows users do not need to type username/password
if they are logged in correctly to their desktops ?
Chris
11:51 a.m.
We don't have support for this yet, but we may add it. Just not sure
when...
I've created JIRA https://issues.jboss.org/browse/KEYCLOAK-1751 .
We may need to create utility, which will start GSSAPI client
interaction ( initSecContext ) and will use the kerberos ticket from the
desktop cache , which will be send in the direct grant request. Then on
keycloak side, we will have DirectGrantAuthenticator implementation,
which will be able to call "acceptSecContext" and validate token sent
from client.
Marek
On 11.8.2015 12:31, Christopher Davies wrote:
I am looking to use KeyCloak to authenticate our software.
Some of our the components of our software are java desktop applications.
I know that I can send an openid connection from my application to
KeyCloak to get a JWT. Looking at this protocol, it seems only to
support username/password. Is there a recommended way to use
Kerberose, to authenticate so that my windows users do not need to
type username/password if they are logged in correctly to their desktops ?
Chris
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3425
days inactive
3425
days old
1 comments
2 participants
participants (2)
-
Christopher Davies -
Marek Posolda