[keycloak-user] Realm resolver
Marek Posolda
mposolda at redhat.com
Thu Jun 25 09:24:17 EDT 2015
There might be possibility to address this with Servlet filter, which
will redirect you to the page where you can ask for the email. Only
thing is, that servlet filters are triggered later than the
authentication code on adapter side, so the filter itself would likely
need to be mapped to unsecured URI.
Other possibility is that we will improve the KeycloakConfigResolver, so
it has access to the response (not just request like it's now) and have
possibility to redirect response. But in that case, we need to do some
refactoring on the adapter side, so all the code to resolve
KeycloakDeployment will need to check if response is redirected and
finish the request processing in that case. Not sure if it's the way to
go TBH... But you can create JIRA and we can try to take a look (or you
can try to propose PR)
Marek
On 24.6.2015 20:34, Bellan Saravanan wrote:
> We're using KeycloakConfigResolver to resolve the realm based on the
> request URI. But if we are unable to resolve to a specific realm we
> want forward the user to a page where she can enter the email address
> from which we can figure out the user's realm.
>
> Since KeycloakConfigResolver cannot be used to redirect the request,
> any suggestions are how to forward to the page to manual resolution?
> We are using the Keycloak wildfly adapter.
>
> Thanks,
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150625/d08bd195/attachment-0001.html
More information about the keycloak-user
mailing list