In certain cases we need to skip automatic login through Kerberos.
According to the documentation this should be done through the parameter
prompt - Keycloak supports these settings:
- login - SSO will be ignored and the Keycloak login page will be always shown, even if the user is already authenticated
This works in most cases (we also use a NTLM waffle implementation) but with Kerberos the user is always signed in automatically.
Any hint or idea why?
Are there alternative ways to force forwarding to the login page?
The reason I need to skip the Kerberos authentication is because I need to login with an admin-account where I have to enter username+password.