Closed qjhart closed 5 months ago
line 206 and 210 of keycloak.js should be a configuration parameter
@jrmerz updated with parameterized
I'm curious, if a fin application where to allow keycloak based username/password login (ie third party with no SSO wired up), would auto appending a default domain be incorrect? It's an edge case, an I live where this is going, but just something to think about.
Yeah, I'm also a bit concerned that from an fcrepo standpoint quinn@ucdavis.edu
is still a string and not a URI. I basically copied eduroam, TBH, but we may need to review later
I'm curious, if a fin application where to allow keycloak based username/password login (ie third party with no SSO wired up), would auto appending a default domain be incorrect? It's an edge case, an I live where this is going, but just something to think about.
One more thought, can we add an enabled flag for adding the @[domain]
to the principle roles list and set it to false by default?
Only adds if eg PRINCIPAL_ADD_DOMAIN='ucdavis.edu'
This has
fin-principal
matchfin-jwt
in request. eg, check cookie, then header.I also deleted
getUserFromRequest
, didn't look right