850d3e7fef
When LDAP user federation is configured in read-only mode, it is not possible to set required actions for users from LDAP. Keycloak credential model allows for registering OTP devices when LDAP is configured with "Import Users" flag enabled. Registering OTP devices needs to be done via the account management console and works as expected. However, it fails if a user has to register an OTP device during login (i.e. within the authentication flow), because the OTP Form Authenticator tries to enforce OTP registration via setting the corresponding required action for the user. That fails because the user is read-only. To work around this, the required action is set on the authentication session instead.
| File |
|---|
| .. |
| src |
| pom.xml |
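The workaround described in the commit message, shown as an added example that is not code from this repository: a custom OTP form authenticator that, when the user has no OTP device yet, tries to add the CONFIGURE_TOTP required action to the user and falls back to the authentication session when the user store rejects the write. The class name, package and provider id are hypothetical; the detection of a read-only user by catching `org.keycloak.storage.ReadOnlyException` is an assumption about how Keycloak's read-only LDAP user wrapper reports the rejected write.

```java
// Added example, not code from this repository. Class, package and provider id
// are hypothetical; ReadOnlyException as the signal for a read-only user is an
// assumption about Keycloak's read-only user wrapper.
package example.otp;

import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator;
import org.keycloak.authentication.authenticators.browser.OTPFormAuthenticatorFactory;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.storage.ReadOnlyException;

public class SessionScopedOtpFormAuthenticator extends OTPFormAuthenticator {

    /**
     * Always report "configured" so the flow engine calls authenticate() instead
     * of its own setRequiredActions() path, which only knows how to write the
     * required action onto the UserModel. The real "has an OTP credential" check
     * is done in authenticate() through the parent's configuredFor().
     */
    @Override
    public boolean configuredFor(KeycloakSession session, RealmModel realm, UserModel user) {
        return true;
    }

    @Override
    public void authenticate(AuthenticationFlowContext context) {
        UserModel user = context.getUser();
        boolean hasOtp = super.configuredFor(context.getSession(), context.getRealm(), user);
        if (hasOtp) {
            // Normal path: render the OTP form and validate the submitted code.
            super.authenticate(context);
            return;
        }
        // No OTP device yet: queue CONFIGURE_TOTP. Prefer the user, fall back to
        // the authentication session when the user (e.g. read-only LDAP) rejects
        // the write.
        try {
            user.addRequiredAction(UserModel.RequiredAction.CONFIGURE_TOTP);
        } catch (ReadOnlyException e) {
            context.getAuthenticationSession()
                   .addRequiredAction(UserModel.RequiredAction.CONFIGURE_TOTP);
        }
        // Let the flow continue; Keycloak evaluates required actions from both
        // the user and the authentication session before issuing tokens.
        context.success();
    }

    /** Factory; register via META-INF/services/org.keycloak.authentication.AuthenticatorFactory. */
    public static class Factory extends OTPFormAuthenticatorFactory {
        public static final String PROVIDER_ID = "otp-form-session-required-action"; // hypothetical
        private static final SessionScopedOtpFormAuthenticator SINGLETON =
                new SessionScopedOtpFormAuthenticator();

        @Override
        public Authenticator create(KeycloakSession session) {
            return SINGLETON;
        }

        @Override
        public String getId() {
            return PROVIDER_ID;
        }

        @Override
        public String getDisplayType() {
            return "OTP Form (session-scoped required action)";
        }
    }
}
```

Note that `context.success()` marks the OTP step as passed without a code being entered, so the enforcement now rests entirely on the CONFIGURE_TOTP required action running before tokens are issued. Keycloak skips required actions that are disabled in the realm, so check that "Configure OTP" is enabled under Authentication > Required Actions before relying on this; otherwise a federated user with no device would log in without ever being asked for a second factor.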