[keycloak-user] SAML quickstart example
Marek Posolda
mposolda at redhat.com
Tue Feb 20 08:15:57 EST 2018
On 20/02/18 14:01, tdtappe wrote:
> Doing my first steps with keycloak I successfully setup a keycloak
> (3.4.3.Final) instance and explored the vanilla sample app. Now I want to
> try the SAML sample app (app-profile-saml-jee-jsp).
> After modifying the web.xml to use KEYCLOAK instead of KEYCLOAK-SAML as the
> auth-method (I was getting an error: "Unknown authentication mechanism
> KEYCLOAK-SAML") I was able to build and deploy the app to my Wildfly 10.1
> instance.
> Question: Was it correct to change the auth-method to KEYCLOAK?
No, it's not correct AFAIK. Method KEYCLOAK can be used just if you
installed the OpenID Connect keycloak adapter subsystem into your
Wildfly and it's useful just for OpenID Connect clients. SAML clients
need KEYCLOAK-SAML authentication mechanism.
Why you changed that? Is it stated in some documentation or README that
SAML clients are supposed to use KEYCLOAK method? If yes, it's not
correct and we should likely fix it.
Marek
>
> If I now access the sample app and click on "Login" (or trying to access
> profile.jsp) I get a "Forbidden" error.
> AFAICT, I set up keycloak for the sample app as decribed in the
> documentation/readme.
>
> Any ideas?
>
> --Heiko
>
>
>
> --
> Sent from: http://keycloak-user.88327.x6.nabble.com/
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list