I wish to create a custom Keycloak Authentication flow only using JavaScript based technologies.
The logic of Flow is very simple, It will just create two random 4 digit OTP and sent to SMS and Email and in next step it will validate it.
Is this really possible to do it only using nodejs?
Any help or reference materials is highly appreciated.
No, you will need Authentication SPI (https://www.keycloak.org/docs/latest/server_development/#_auth_spi) which you can develop only in the Java. So, no NodeJS.
Related
I have a database with users, how would I start creating a custom implementation of my users with IdentityServer? All the examples I have seen use the InMemoryUser that are hard coded with values.
Can one follow this as a guide line?
Yes, That is a good point.In IndentityServer v3 there is an interface(IUserService) to interact with user store. You can implement the interface using MembershipReboot or Asp.net Identity.
Hope this help.
I hope someone could help with this:
I am working on a php project and I need to implement the authentication of the application as a Service. I need to do something like Google where offers a Service to login in other applications using Google's Authentication Service (for example trello.com allows visitors to login with their google account).
I would like to clarify my mind, because I have no idea how to start it. I am using Symfony2 framework and I'm trying to work RESTFully, but basically what I need is just an idea of what I have to do or investigate to carry this out.
As the symfony Ecosystem is big, take a look at the FOSRestBundle for creating the API. Then there is the NelmioApiDocBundle for easy documentation of your REST-API. For authenticating you should consider OAuth, so take a look at the FOSOAuthServerBundle. With all three combined you can create a great API.
Also read this article, about REST APIs with Symfony2: The Right Way
I'm attempting to implement SSO and wanted to use Netsuite as an IdP. Now I know officially this isn't possible but I was wondering if it's even remotely possible to have something like this done (custom coded or anything like that)?
Unfortunately I am not the most knowledgeable person in regards to these things, please forgive my ignorance.
Thanks!
It really comes down to what NetSuite exposes for PingFederate to hook into. From a PingFederate perspective, if NetSuite exposes the ability to validate an existing user session by a 3rd Party or provides an API that can essentially authenticate a user you could create a custom IDP Adapter for PF that would handle this.
This is something that your Ping Account team can assist with if you're interested in getting some assistance.
HTH
--Ian (Note: I work for Ping)
I am using django allauth in a variety of application that i make and its awesome!
Right now, I am trying to develop a login process in two separate steps.
I have a client(mobile) social login with some provider(twitter, Facebook) and the client takes the oauth credentials and sends them back to the server.
That means, that i do not need to use the forms and the templates provided, since all that are handled just fine by the client already.
What i need, is to know what functions/views i need to call in order to avoid all the functions that need the request to work properly.
I hope that i explained in detail my issue.
Thank you in advance,
Michael.
I have setup FORM-authentication within web.xml (java-webcontainer) successfully.
I did not find a way to sent the username/password within the get-request of the restful-uri from my client when using FORM-Authentication. So I have to use BASIC-Authentication only for the restful-uri.
So I have this question:
How can I set up both form-based authentication and basic authentication?
Basic authentication should only be enabled for the restful-uri.
I was also facing a similar problem and I realized that if you are using Wildfly then its possible to configure multiple mechanism using web.xml:-
<auth-method>BASIC?silent=true,FORM</auth-method>
Using this silent basic authentication will be tried first, which is basic authentication that only takes effect if an Authorization header is present. If no such header is present then form authentication will be used instead.
Maybe its too late for a reply but I just updated this in case someone finds this useful :P
There were no responses here for a while, so I did a quick servlet refresher myself. Servlet specs indeed allow only one <login-config> element per web application, so there is no way to have an entry point with BASIC authetication for the REST API and another with FORM-based authentication for the UI. The only option is to build them as two independently deployable applications. To avoid code duplication, it might be a good idea just to let the UI application talk to the REST API the same way the third-party clients are supposed to.