Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multiple apps SAML and 18.0.2 #94

Closed
1 task done
elmidwill opened this issue Jul 24, 2022 · 4 comments
Closed
1 task done

Multiple apps SAML and 18.0.2 #94

elmidwill opened this issue Jul 24, 2022 · 4 comments
Assignees
@sventorben
Labels
duplicate This issue or pull request already exists invalid This doesn't seem right wontfix This will not be worked on

Comments

@elmidwill
Copy link

elmidwill commented Jul 24, 2022
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

So I got around to trying this today. It doesn't appear to work with SAML authentication on version 18.0.2, or more likely I am not doing something correctly.

After adding the provider, restarting KC, I created a copy of the browser flow, edited it as per instructions. I then created the role in a client, and changed the "Authentication Flow Overrides" to the newly created flow which has the restrict feature enabled. when I try to login from an app using SAML, it redirects to KC and immediately presents me with "Invalid username or password" without prompting for either.

Expected Behavior

No response

Steps To Reproduce

No response

Version

- Keycloak:
- This extension:

Anything else?

No response
@elmidwill elmidwill added the bug Something isn't working label Jul 24, 2022
@sventorben
Copy link
Owner

Hello @elmidwill,

I have this running on several Keycloak instances using SAML. So, I am pretty sure it works with SAML in general.
Could you please post a screenshot of your authentication flow and relevant client configuration?
Are you trying to use the role-based or policy-based mode?

Regards
Sven-Torben

@sventorben sventorben mentioned this issue Jul 24, 2022
Closed
1 task
@elmidwill
Copy link
Author

Here is the authentication flow
image
I am trying to use role-based mode.

Maybe I am not attaching the flow correctly. I go to clients --> choose a client --> authentication flow overrides --> and change the browser to the new flow with the access restriction in it.

@sventorben
Copy link
Owner

I think that your flow is misconfigured. Keycloak does not allow to combine required and alternative executions on the same level. You should see a corresponding entry in your server logs.
Please take a look at issue #9 for details.

@elmidwill
Copy link
Author

Thanks. I got it working.

@sventorben sventorben added wontfix This will not be worked on invalid This doesn't seem right duplicate This issue or pull request already exists and removed bug Something isn't working labels Aug 9, 2022
@sventorben sventorben self-assigned this Aug 9, 2022
@sventorben sventorben closed this as not planned Won't fix, can't repro, duplicate, stale Aug 9, 2022
sventorben added a commit that referenced this issue Mar 2, 2023
@sventorben
docs: Add details for flow configuration
330ed8a 
Relates to #149, #116, #100, #94, #9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sventorben sventorben

Labels
duplicate This issue or pull request already exists invalid This doesn't seem right wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@elmidwill @sventorben