[Apiman-user] Token is not active.
Helio Frota
00hf11 at gmail.com
Wed Aug 12 15:23:44 EDT 2015
hi all ,
I get this one too.
I don't know if i clicked on some button or link or just error arise from
another dimension.
*16:06:37,817 INFO* [stdout] (default task-59) Updated plan: PlanBean
[organization=OrganizationBean [id=HeavyMetalOrg, name=HeavyMetalOrg,
description=The Heavy Metal Universe, createdBy=admin, createdOn=2015-08-12
15:57:02.829, modifiedBy=admin, modifiedOn=2015-08-12 15:57:02.829],
id=soundsLikeAPlan, name=soundsLikeAPlan, description=454test,
createdBy=admin, createdOn=2015-08-12 15:59:41.355]
*16:07:56,984 INFO* [stdout] (default task-6) Getting info for user admin
*16:09:27,427 ERROR*
[org.keycloak.adapters.BearerTokenRequestAuthenticator] (default task-28)
Failed to verify token: org.keycloak.VerificationException: Token is not
active.
at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:46)
[keycloak-core-1.2.0.Final.jar:1.2.0.Final]
at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:16)
[keycloak-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:67)
[keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:62)
[keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:45)
[keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.undertow.AbstractUndertowKeycloakAuthMech.keycloakAuthenticate(AbstractUndertowKeycloakAuthMech.java:114)
[keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:94)
[keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:281)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:298)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:268)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:131)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:106)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:99)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:54)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69)
[keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[rt.jar:1.8.0_45]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[rt.jar:1.8.0_45]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_45]
On Tue, Aug 11, 2015 at 5:16 AM, Marc Savy <marc.savy at redhat.com> wrote:
> I think this may pertain to the Keycloak OAuth2 token. In which case, I
> provided Fadi with a version containing additional logging to see if we
> could track the issue down.
>
> It's not an issue I've ever been able to replicate, and we don't fiddle
> with the token data in any way, so I don't really see how we could
> affect things.
>
> My only suggestions are to ensure that time is accurate on all of the
> systems (NTP, Chronyd, etc), and I believe this has already been done.
>
> On 10/08/2015 18:00, Eric Wittmann wrote:
> > How often does this occur? What is the result?
> >
> > I assume this is triggering a re-login in the UI?
> >
> > There is no caching on the apiman side. However the tokens issued by
> > keycloak to the apiman UI do have an expiration. You could try logging
> > into the keycloak auth admin UI and increasing the lifespan of the
> tokens.
> >
> > Any more details you can provide would be great.
> >
> > -Eric
> >
> > On 8/10/2015 8:56 AM, Fadi Abdin wrote:
> >> I keep getting occasional "Token is not active." on they keycloak side
> >> occasionally . its really frustrating , i cant figure out what could
> >> cause this to happen. everything seems correct.
> >>
> >> Is there caching between API Man and Keycloak i can turn off ? Have
> >> anyone seeen this behavior ?
> >>
> >> Thanks,
> >> Fadi
> >> Express.com
> >>
> >>
> >> _______________________________________________
> >> Apiman-user mailing list
> >> Apiman-user at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/apiman-user
> >>
> > _______________________________________________
> > Apiman-user mailing list
> > Apiman-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/apiman-user
> >
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150812/435b6f4a/attachment-0001.html
More information about the Apiman-user
mailing list