[keycloak-user] Username Password Form as Alternative

Filipe Lautert filipelautert at gmail.com
Wed Aug 10 16:02:50 EDT 2016


Hello

I would like to have the "Username Password Form" auth type as a fallback
option - I've setup my personalized auth methods, but if they don't succeed
I wan't the user to be shown the login form.

The issue that I face  is that even when I authenticate the user
successfully (in my Authenticator code with context.setUser(myUser);
context.success();
) the login form is still shown to the user, even if it's inside a auth
type "Browser Forms" set up as alternative.

I worked around it creating a class called
AlternativeUsernamePasswordFormFactory
that extends UsernamePasswordFormFactory, and the only change that I did to
it was to add the AuthenticationExecutionModel.Requirement.ALTERNATIVE to
the REQUIREMENT_CHOICES . Now, if I set this new auth type as alternative
in Keycloak, it does what I want.

So my questions are: am I missing something to mark my Authenticator as
sufficient to end the flow and return to the client? if not, is there a
reason why UsernamePasswordFormFactory doesn't provide the ALTERNATIVE
option, and can I suggest a patch to add it to this class?

Cheers

filipe
-- 
filipe lautert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160810/654d4e60/attachment.html 


More information about the keycloak-user mailing list