[keycloak-user] UserFederationProvider CredentialValidationOutput validCredentials and close method never called

alex orl alex_orl1079 at yahoo.it
Mon Oct 26 06:32:16 EDT 2015 

thanks for your answer. Well, i suddenly tried your suggestion adding a throw new ModelException("My message"); inside my provider class.The exception is thrown but the login page is redirected to the standard error page just displaying the message:
     We're sorry ...       
         Unexpected error when handling authentication request to identity provider.      

How can i make the "My Message" exception message to be displayed on the login page?thanks
 


     Il Lunedì 26 Ottobre 2015 8:49, Marek Posolda <mposolda at redhat.com> ha scritto:
   

  On 24/10/15 23:27, alex orl wrote:
  
  I'm using jboss keycloak 1.5 final version. I developed my custom user federation provider interfacing with keycloak properties and my user enterprise database.  
  My need is to send up to user the login interface custom error messages based on particular specific error related to my legacy user db. 
  I saw keycloak themes have a resources folder by which i can localize and add new messages. Then i can reference them by angular js using  
      $myMessage 
  notation. The problem is i want to rise up a message from keycloak server. My user federation provider implements UserFederationProvider interface. So i should have to override: 
      @Override  public CredentialValidationOutput validCredentials(RealmModel realm, UserCredentialModel credential) {  LOGGER.info("validCredentials(realm, credential)");  return CredentialValidationOutput.failed();  } 
   In the UserFederationProvider interface i read that validCredentials : Validate credentials of unknown user. The authenticated user is recognized based on provided credentials and returned back in CredentialValidationOutput  
  It seems to be the method i was looking for just because CredentialValidationOutput contains custom messages to be sent as validation output. The problem is this method is never called.  
 This method is called by Keycloak just during use-cases, when you want to authenticate with unknown user. Which is currently during Kerberos/SPNEGO login. It's not called during basic flow with username/password authentication. 
 
 I think if you want to propagate error messages, you can for example throw ModelException with the error message you want.
 
  
  The same happens to the close method. It's never called at the end of each request so i cannot dispose my objects Why?
   
 Feel free to create JIRA for the close method.
 
 Marek
 
  Thanks a lot  
  
 _______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user 
 
 

  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151026/09f099fa/attachment-0001.html

More information about the keycloak-user mailing list