[keycloak-user] [development] Jumping to another flow from an authenticator

Marc Tempelmeier marc.tempelmeier at flane.de
Tue Apr 11 03:29:22 EDT 2017


Hi,

Thanks for your answer!

Yeah sure, I try to use the add-user.sh which is intended for that:

https://www.keycloak.org/docs/2.4/server_installation_guide/topics/operating-mode/domain.html

But I can´t get the Slave connected to the Master, in the Wildfly Docu a username in domain.xml is mentioned, but if I try to add that attribute I´ll get an "not supported" error in Keycloak. So my question is how does keycloak determine the correct user the slave uses?
The Wildfly docu mentions that if omitted the hostname is used. 

I tried that but still get a not authorized error. What should I do? :)

Greetings

Marc

-----Ursprüngliche Nachricht-----
Von: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] Im Auftrag von Marek Posolda
Gesendet: Monday, April 10, 2017 9:42 PM
An: Tomás García <tomas at intrahouse.com>; keycloak-user at lists.jboss.org
Betreff: Re: [keycloak-user] [development] Jumping to another flow from an authenticator

I think it's possible with current implementation by using:

context.forkWithSuccessMessage("some message, which will displayed on the initial login screen");

or also "context.forkWithErrorMessage" . The "context" references AuthenticationFlowContext object passed to the authenticator.

Something like this is used at ResetCredentialEmail authenticator, which is used during reset-credentials flow (when user press link "Forget my password" on the login screen).

Hope this helps,
Marek



On 10/04/17 15:56, Tomás García wrote:
> Hi,
>
> I'm doing experiments with authenticators... I've made an 
> authenticator for the "first broker login" flow and I'm wondering if, 
> under certain condition I implemented inside the authenticateImpl 
> method of the authenticator, I can jump to the browser flow to 
> "challenge" the user with the regular login screen. It looks like it's impossible by design.
>
> If there's another alternative, you can think about, it would be great.
>
> Thanks.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list