[Apiman-user] Token is not active.
Helio Frota
00hf11 at gmail.com
Wed Aug 12 15:46:14 EDT 2015
*16:07:56,984 INFO* [stdout] (default task-6) Getting info for user admin
*16:09:27,427 ERROR*
[org.keycloak.adapters.BearerTokenRequestAuthenticator] (default task-28)
Failed to verify token: org.keycloak.
almost 2 min of inactivity..
but i did a try with more minutes and no errors ...
*16:36*:09,869 INFO [stdout] (default task-8) Got organization
HeavyMetalOrg: OrganizationBean [id=HeavyMetalOrg, name=HeavyMetalOrg,
description=The Heavy Metal Universe, createdBy=admin, createdOn=2015-08-12
15:57:02.829, modifiedBy=admin, modifiedOn=2015-08-12 15:57:02.829]
*16:42*:06,805 INFO [stdout] (default task-9) Getting info for user admin
On Wed, Aug 12, 2015 at 4:40 PM, Helio Frota <00hf11 at gmail.com> wrote:
> Is this something you can reproduce? Or just something that happened once?
>
> unfortunately no. just once.
>
> What did you experience when this occurred? Did you get sent to the login
> page? Did you get a blank page? Error in the UI?
>
> nothing, just navigating , clicking etc.. no blank page or error in the UI.
>
>
>
>
>
>
>
>
> On Wed, Aug 12, 2015 at 4:36 PM, Eric Wittmann <eric.wittmann at redhat.com>
> wrote:
>
>> Is this something you can reproduce? Or just something that happened
>> once?
>>
>> What did you experience when this occurred? Did you get sent to the
>> login page? Did you get a blank page? Error in the UI?
>>
>> -Eric
>>
>> On 8/12/2015 3:23 PM, Helio Frota wrote:
>>
>>> hi all ,
>>>
>>> I get this one too.
>>>
>>> I don't know if i clicked on some button or link or just error arise
>>> from another dimension.
>>>
>>> *16:06:37,817 INFO* [stdout] (default task-59) Updated plan: PlanBean
>>> [organization=OrganizationBean [id=HeavyMetalOrg, name=HeavyMetalOrg,
>>> description=The Heavy Metal Universe, createdBy=admin,
>>> createdOn=2015-08-12 15:57:02.829, modifiedBy=admin,
>>> modifiedOn=2015-08-12 15:57:02.829], id=soundsLikeAPlan,
>>> name=soundsLikeAPlan, description=454test, createdBy=admin,
>>> createdOn=2015-08-12 15:59:41.355]
>>> *16:07:56,984 INFO* [stdout] (default task-6) Getting info for user
>>> admin
>>> *16:09:27,427 ERROR*
>>>
>>> [org.keycloak.adapters.BearerTokenRequestAuthenticator] (default
>>> task-28) Failed to verify token: org.keycloak.VerificationException:
>>> Token is not active.
>>> at
>>> org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:46)
>>> [keycloak-core-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>> org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:16)
>>> [keycloak-core-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>>
>>> org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:67)
>>> [keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>>
>>> org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:62)
>>> [keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>>
>>> org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:45)
>>> [keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>>
>>> org.keycloak.adapters.undertow.AbstractUndertowKeycloakAuthMech.keycloakAuthenticate(AbstractUndertowKeycloakAuthMech.java:114)
>>> [keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>>
>>> org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:94)
>>> [keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>>
>>> io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:281)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:298)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:268)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:131)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:106)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:99)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:54)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
>>> at
>>>
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69)
>>> [keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
>>> at
>>>
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166)
>>> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>> io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
>>> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>> at
>>>
>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>> [rt.jar:1.8.0_45]
>>> at
>>>
>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>> [rt.jar:1.8.0_45]
>>> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_45]
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Aug 11, 2015 at 5:16 AM, Marc Savy <marc.savy at redhat.com
>>> <mailto:marc.savy at redhat.com>> wrote:
>>>
>>> I think this may pertain to the Keycloak OAuth2 token. In which
>>> case, I
>>> provided Fadi with a version containing additional logging to see if
>>> we
>>> could track the issue down.
>>>
>>> It's not an issue I've ever been able to replicate, and we don't
>>> fiddle
>>> with the token data in any way, so I don't really see how we could
>>> affect things.
>>>
>>> My only suggestions are to ensure that time is accurate on all of the
>>> systems (NTP, Chronyd, etc), and I believe this has already been
>>> done.
>>>
>>> On 10/08/2015 18:00, Eric Wittmann wrote:
>>> > How often does this occur? What is the result?
>>> >
>>> > I assume this is triggering a re-login in the UI?
>>> >
>>> > There is no caching on the apiman side. However the tokens
>>> issued by
>>> > keycloak to the apiman UI do have an expiration. You could try
>>> logging
>>> > into the keycloak auth admin UI and increasing the lifespan of
>>> the tokens.
>>> >
>>> > Any more details you can provide would be great.
>>> >
>>> > -Eric
>>> >
>>> > On 8/10/2015 8:56 AM, Fadi Abdin wrote:
>>> >> I keep getting occasional "Token is not active." on they
>>> keycloak side
>>> >> occasionally . its really frustrating , i cant figure out what
>>> could
>>> >> cause this to happen. everything seems correct.
>>> >>
>>> >> Is there caching between API Man and Keycloak i can turn off ?
>>> Have
>>> >> anyone seeen this behavior ?
>>> >>
>>> >> Thanks,
>>> >> Fadi
>>> >> Express.com
>>> >>
>>> >>
>>> >> _______________________________________________
>>> >> Apiman-user mailing list
>>> >> Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
>>> >> https://lists.jboss.org/mailman/listinfo/apiman-user
>>> >>
>>> > _______________________________________________
>>> > Apiman-user mailing list
>>> > Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
>>> > https://lists.jboss.org/mailman/listinfo/apiman-user
>>> >
>>>
>>> _______________________________________________
>>> Apiman-user mailing list
>>> Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
>>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Apiman-user mailing list
>>> Apiman-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>>
>>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150812/2ae7003f/attachment.html
More information about the Apiman-user
mailing list