I'm doing SAML authentication with the Keycloak adapter and I need to use SAML2 extensions in the AuthnRequest message. Is this possible?
My IdP provides localized login pages. A language code can be supplied with a SAML2 extension in the AuthnRequest.
Everything works fine if I use the default language (no extensions).
My IdP also allows defining the set of valid languages in the service provider metadata. I only need to support three languages, so one workaround would be to register a different service provider for every language. I could define the language in the SP metadata and have three separate URLs in my service for the authentication.
I use WildFly 10.
Any thoughts?
Turns out you can extend org.keycloak.broker.saml.SAMLIdentityProvider and override performLogin() and add extensions with SAML2AuthnRequestBuilder.addExtension(). Follow the examples at: https://github.com/keycloak/keycloak/tree/master/examples/providers for deployment considerations and exact implementation.
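The message such an override has to produce, as an added example that is not part of the original answer and is not Keycloak code: a Python sketch that builds an AuthnRequest with the language inside `samlp:Extensions`, placed where the SAML 2.0 schema expects it, and allow-lists the value first. The extension namespace, the `Language` element name and the three language codes are assumptions; the real ones come from the IdP's documentation.

```python
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
# Assumption: placeholder namespace; the IdP defines the real extension schema.
LANG_NS = "urn:example:idp:extensions"
# Constructed set standing in for the three languages the service supports.
ALLOWED_LANGS = {"en", "fi", "sv"}

ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)
ET.register_namespace("ext", LANG_NS)


def build_authn_request(sp_entity_id, destination, acs_url, lang):
    """Return AuthnRequest XML carrying the login language in samlp:Extensions."""
    # The language usually originates from a request parameter or locale
    # header, so reject anything outside the allow-list before it is serialized.
    if lang not in ALLOWED_LANGS:
        raise ValueError(f"unsupported language: {lang!r}")
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": "_" + uuid.uuid4().hex,  # xs:ID must not start with a digit
        "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": destination,
        "AssertionConsumerServiceURL": acs_url,
    })
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = sp_entity_id
    # Schema order: Issuer, ds:Signature (if embedded), Extensions, then the
    # AuthnRequest-specific children such as NameIDPolicy.
    ext = ET.SubElement(req, f"{{{SAMLP}}}Extensions")
    ET.SubElement(ext, f"{{{LANG_NS}}}Language").text = lang
    ET.SubElement(req, f"{{{SAMLP}}}NameIDPolicy", {"AllowCreate": "true"})
    return ET.tostring(req, encoding="unicode")


def extension_language(xml_text):
    """Parse a request and return the language from Extensions, or None."""
    node = ET.fromstring(xml_text).find(f"{{{SAMLP}}}Extensions/{{{LANG_NS}}}Language")
    return None if node is None else node.text


if __name__ == "__main__":
    # Constructed sample values.
    print(build_authn_request("https://sp.example/metadata",
                              "https://idp.example/sso",
                              "https://sp.example/acs", "fi"))
```

If the AuthnRequest is signed, the extension has to be added before signing so that the signature covers it.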