I have a pure JavaEE application (EAR with EJB Jars and Web Archive)
The WAR according Java EE security defines the j_security_check action for login forms (FORM Based Authentication)
In this way based on JBOSS feature, I 'm able to configure the best Identity Manager (from the simple users/roles property files to the LDAP etc)
I would like to integrate OTP to increase security and implements a 2FA
So, I would like to use the Red Hat SSO (based on the keycloak ) to archive this goal
Ideally, should be done without changing the WAR and I see for example it is possible to do installing JBOSS EAP Adapters and adding a new subsystem into the jboss cfg file.
But there is a guide from RedHat or other available ?
I'm able to integrate in my form based login screen additional "field" (to ask the OTP to the user): maybe it must match a fixed name (e.g. j_opt )
Form must continue to follow standard and so invoke the j_security_check