javaauthenticationkeycloakkerberosspnego

Keycloak Kerberos prevent login dialog


I'm using keycloak to manage authentication of a java-based web-application.
I configured a Kerberos User Federation which is working fine within the internal network.
Accessing the web-application from outside the network I get the following login dialog instead of being forwarded to the keycloak login form.
Interesting the forwarding works with Firefox, but not Edge, Chrome, IE.

How can I prevent the login-dialog and forward directly to the keycloak-login-form?

EDIT: For example would it be possible to create a second authentication flow (with kerberos disabled) and pass it as parameter in the URL?

The Authentication Flow:

Browser Login Dialog


Solution

  • What I figured out, the browser-login-dialog is not shown and the flow is forwarded to the keycloak-login-page if the following settings are made.

    Kerberos GPO - trusted sites

    enter image description here