[keycloak-user] Login without Keycloak Login Page

Bill Burke bburke at redhat.com
Mon Dec 19 12:08:12 EST 2016



On 12/19/16 11:32 AM, ruiwp13 wrote:
> Bill Burke wrote
>> I looked at the image, specifically the @Path("/login") JAX-RS method.
>> What you are attempting will just not work.  Period.  I don't think you
>> understand how basic servlet, JAX-RS, and HTTP work along with how OpenID
>> Connect works.  OpenID Connect (and SAML) require browser
>> redirects.  In looking at your code, you're expecting authenticate() to
>> redirect the browser to keycloak, have the user login, then redirect
>> back.  This just doesn't do what you expect.  And it shouldn't.
>> Calling servletRequest.authenticate() sets a 302 response with a
>> Location header pointing back to the server.   That's it...  You
>> actually override what authenticate() did by returning a JAX-RS response.
> Thank you for the answer Bill,
>
> It does redirect me to keycloak login page and then back to my login page.
> The redirect back is managed by keycloak. It redirects back to the
> application after login. It may have something wrong when I do the
> authenticate(), but it does redirect me to Keycloak login page. If I knew
> how everything worked I wouldn't be here asking for help eheh. I came here to
> know what I was doing wrong or if it was a keycloak problem.
>
> What is the correct way to do it then?
I'm not sure what you mean by "Login without Keycloak Login Page". Is 
this a browser application?  If so, I strongly suggest you use our 
adapter and Keycloak Login pages.  Login pages can be stylized however 
you want.  You are not using our adapter as it was intended to be used 
so we just can't help you.  You're on your own.

You can do a login without keycloak login pages, but this flow is for 
REST clients only, not browser applications.  Use direct grant [1] to 
obtain a token.  Here's a crude example [2].  Sorry there aren't better 
docs on this.

[1] https://tools.ietf.org/html/rfc6749#section-4.3
[2] 
https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java
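
Added example, not part of the message above and not the Keycloak project's code (it is Python, not the Java of [2]): a REST client building the RFC 6749 section 4.3 direct grant request and handling both the token reply and the error reply. The base URL, realm, client id and sample replies are constructed assumptions, and the client is assumed to be a public one (no client secret).

```python
import json
import urllib.parse
import urllib.request

# Assumed deployment values for illustration; none of these come from the thread.
BASE_URL = "https://sso.example.test/auth"
REALM = "demo"
CLIENT_ID = "rest-client"

class TokenError(Exception):
    """Raised when the token endpoint reply carries no usable bearer token."""

def build_token_request(username, password, base_url=BASE_URL, realm=REALM, client_id=CLIENT_ID):
    """Build (but do not send) the resource owner password credentials request."""
    url = f"{base_url}/realms/{urllib.parse.quote(realm, safe='')}/protocol/openid-connect/token"
    if not url.startswith("https://"):
        # The user's password travels in the request body, so refuse cleartext transport.
        raise ValueError("token endpoint must use https")
    form = urllib.parse.urlencode({
        "grant_type": "password",
        "client_id": client_id,
        "username": username,
        "password": password,
    }).encode("ascii")
    return urllib.request.Request(url, data=form, method="POST",
                                  headers={"Content-Type": "application/x-www-form-urlencoded"})

def parse_token_response(status, body):
    """Return the access token from a token endpoint reply, or raise TokenError."""
    doc = json.loads(body)
    if status != 200 or "error" in doc:
        # RFC 6749 section 5.2 error body, e.g. invalid_grant for bad credentials.
        raise TokenError(doc.get("error", "unexpected_response"))
    if doc.get("token_type", "").lower() != "bearer" or not doc.get("access_token"):
        raise TokenError("unusable_token_response")
    return doc["access_token"]

def bearer_header(access_token):
    """Header the REST client attaches to later API calls."""
    return {"Authorization": f"Bearer {access_token}"}

# Constructed sample replies (not captured from a real server).
SAMPLE_OK = '{"access_token": "constructed.sample.token", "token_type": "bearer", "expires_in": 300}'
SAMPLE_BAD = '{"error": "invalid_grant", "error_description": "Invalid user credentials"}'

if __name__ == "__main__":
    req = build_token_request("alice", "p@ss w&rd")
    print(req.get_method(), req.full_url)
    print(bearer_header(parse_token_response(200, SAMPLE_OK)))
```

Passing the built request to urllib.request.urlopen() would send it; the client sees and handles the user's password directly, which is why this flow suits REST clients rather than browser applications.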
