[keycloak-user] Realm resolver

Marek Posolda mposolda at redhat.com
Thu Jun 25 09:24:17 EDT 2015

There might be possibility to address this with Servlet filter, which 
will redirect you to the page where you can ask for the email. Only 
thing is, that servlet filters are triggered later than the 
authentication code on adapter side, so the filter itself would likely 
need to be mapped to unsecured URI.

Other possibility is that we will improve the KeycloakConfigResolver, so 
it has access to the response (not just request like it's now) and have 
possibility to redirect response. But in that case, we need to do some 
refactoring on the adapter side, so all the code to resolve 
KeycloakDeployment will need to check if response is redirected and 
finish the request processing in that case. Not sure if it's the way to 
go TBH... But you can create JIRA and we can try to take a look (or you 
can try to propose PR)


On 24.6.2015 20:34, Bellan Saravanan wrote:
> We're using KeycloakConfigResolver to resolve the realm based on the 
> request URI. But if we are unable to resolve to a specific realm we 
> want forward the user to a page where she can enter the email address 
> from which we can figure out the user's realm.
> Since KeycloakConfigResolver cannot be used to redirect the request, 
> any suggestions are how to forward to the page to manual resolution? 
> We are using the Keycloak wildfly adapter.
> Thanks,
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150625/d08bd195/attachment-0001.html 

More information about the keycloak-user mailing list