Closed Alexsme closed 2 years ago
SSO with KeyCloak works great for me in RC.Electron client version 2.15.5-2.17.2 and in modern browsers (Chrome, IE11) on domain joined computer. You need to add KeyCloak URL to Local Intranet Security Zone in Internet Explorer settings (we used group policies for that).
My Setup
Operating System: Windows 10
App Version: 2.15.3
[ ] I have tested with the latest version
[x ] I can simulate the issue easily
Description
In our integration environnement we try to switch authentication from keycloak/ldaps to Keycloak/kerberos (openid).
- Keycloak/ldaps authentication : browser access (Edge or chrome) work fine, desktop client work fine.
- Keycloak/kerberos authentication : browser access (Edge or chrome) work fine, desktop client failed
We can see this logs on keycloak when when failing :
2019-10-28 17:01:14,368 INFO [stdout] (default task-58) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is /etc/keycloak.keytab refreshKrb5Config is false principal is "" tryFirstPass is false useFirstPass is false storePass is false clearPass is false 2019-10-28 17:01:14,368 INFO [stdout] (default task-58) principal is "" 2019-10-28 17:01:14,368 INFO [stdout] (default task-58) Will use keytab 2019-10-28 17:01:14,369 INFO [stdout] (default task-58) Commit Succeeded 2019-10-28 17:01:14,369 INFO [stdout] (default task-58) 2019-10-28 17:01:14,370 WARN [org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator] (default task-58) GSS Context accepted, but no context initiator recognized. Check your kerberos configuration and reverse DNS lookup configuration
Did you ever facing this problem ?
Thanks for your support.
Regards.
Hi , Did you find the problem ?
Please test if the latest release did solve this. If not please reopen the issue or create a new one and tell us. I will be closing this one for now.
Thank you!
My Setup
Description
In our integration environnement we try to switch authentication from keycloak/ldaps to Keycloak/kerberos (openid).
We can see this logs on keycloak when when failing :
2019-10-28 17:01:14,368 INFO [stdout] (default task-58) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is /etc/keycloak.keytab refreshKrb5Config is false principal is "" tryFirstPass is false useFirstPass is false storePass is false clearPass is false 2019-10-28 17:01:14,368 INFO [stdout] (default task-58) principal is "" 2019-10-28 17:01:14,368 INFO [stdout] (default task-58) Will use keytab 2019-10-28 17:01:14,369 INFO [stdout] (default task-58) Commit Succeeded 2019-10-28 17:01:14,369 INFO [stdout] (default task-58) 2019-10-28 17:01:14,370 WARN [org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator] (default task-58) GSS Context accepted, but no context initiator recognized. Check your kerberos configuration and reverse DNS lookup configuration
Did you ever facing this problem ?
Thanks for your support.
Regards.