Re: [windup-dev] [keycloak-user] IP Address based default user

Tuesday, 13 September 2016

Well, this be insecurity by design. :) Basically we would like to turn 
off security completely in some cases for local installations, but this 
brings a lot of deployment related considerations (multiple descriptors, 
conditional logic around the logged in user, etc).

An authenticator that is essentially just a bypass would accomplish the 
same thing without the additional complexity. It would be similar to a 
default "unauthenticatedIdentity", except with a default role as well.

On 09/13/2016 05:01 AM, Stian Thorgersen wrote:
...
 No there isn't anything like that. Sounds like a potential
hackers 
 heaven as well.

 Assuming you've got the idea from WildFly. WildFly can do that by 
 writing to a local file to make sure the user is indeed on the local 
 machine. That doens't work in a web based flow unless you can find a 
 way to "share" a file between the Keycloak server and the browser.

 On 12 September 2016 at 17:17, Jess Sightler <jsightle(a)redhat.com 
 <mailto:jsightle@redhat.com>> wrote:

     Is there a builtin authenticator that can provide a default user
     account
     based upon some criteria? For example, could we provide a default user
     if the client is connecting to localhost?

     _______________________________________________
     keycloak-user mailing list
     keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
     https://lists.jboss.org/mailman/listinfo/keycloak-user
     <https://lists.jboss.org/mailman/listinfo/keycloak-user>

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013