[keycloak-dev] Token not active error

Bill Burke bburke at redhat.com
Fri Aug 16 09:26:07 EDT 2013 

Stian, I cannot reproduce this problem.

On 8/13/2013 12:14 PM, Bill Burke wrote:
> Ah ok, this must be a bug in the as7 integration module.  I'll take a look.
>
> On 8/13/2013 11:49 AM, Stian Thorgersen wrote:
>> Bill,
>>
>> If I leave customer-portal open for a while I get the a token is not active error in the server log (see stack trace below). After that the only way I can get things working again is to manually remove the session cookie with JSSONID in it.
>>
>> I've moved the stuff from AbstractLoginService into OAuthUtil which just has a bunch of static methods. This is because I had to change SocialResource as the callback endpoint shouldn't contain the realm (see https://issues.jboss.org/browse/KEYCLOAK-33).
>>
>> I don't think I've broken it, but I may have :/
>>
>>
>> ------------------
>> 16:46:48,268 ERROR [org.keycloak.adapters.as7.CatalinaBearerTokenAuthenticator] (http-localhost-127.0.0.1-8080-7) Failed to verify token: org.keycloak.VerificationException: Token is not active.
>> 	at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:39) [keycloak-core-1.0-alpha-1.jar:]
>> 	at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:19) [keycloak-core-1.0-alpha-1.jar:]
>> 	at org.keycloak.adapters.as7.CatalinaBearerTokenAuthenticator.login(CatalinaBearerTokenAuthenticator.java:77) [keycloak-as7-adapter-1.0-alpha-1.jar:]
>> 	at org.keycloak.adapters.as7.BearerTokenAuthenticatorValve.authenticate(BearerTokenAuthenticatorValve.java:67) [keycloak-as7-adapter-1.0-alpha-1.jar:]
>> 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
>> 	at org.keycloak.adapters.as7.BearerTokenAuthenticatorValve.invoke(BearerTokenAuthenticatorValve.java:57) [keycloak-as7-adapter-1.0-alpha-1.jar:]
>> 	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
>> 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
>> 	at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_21]
>>
>> 16:46:48,276 WARN  [org.apache.http.impl.client.DefaultHttpClient] (http-localhost-127.0.0.1-8080-3) Authentication error: Unable to respond to any of these challenges: {bearer=WWW-Authenticate: Bearer realm="demo", error="invalid_token", error_description="Token is not active."}
>> 16:46:48,278 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/customer-portal].[jsp]] (http-localhost-127.0.0.1-8080-3) Servlet.service() for servlet jsp threw exception: javax.ws.rs.ProcessingException: Unable to find a MessageBodyReader of content-type text/html;charset=utf-8 and type interface java.util.List
>> 	at org.jboss.resteasy.core.interception.ClientReaderInterceptorContext.throwReaderNotFound(ClientReaderInterceptorContext.java:39) [resteasy-jaxrs-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.core.interception.AbstractReaderInterceptorContext.getReader(AbstractReaderInterceptorContext.java:73) [resteasy-jaxrs-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.core.interception.AbstractReaderInterceptorContext.proceed(AbstractReaderInterceptorContext.java:50) [resteasy-jaxrs-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.plugins.interceptors.encoding.GZIPDecodingInterceptor.aroundReadFrom(GZIPDecodingInterceptor.java:59) [resteasy-jaxrs-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.core.interception.AbstractReaderInterceptorContext.proceed(AbstractReaderInterceptorContext.java:53) [resteasy-jaxrs-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.client.jaxrs.internal.ClientResponse.readFrom(ClientResponse.java:244) [resteasy-client-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.client.jaxrs.internal.ClientResponse.readEntity(ClientResponse.java:178) [resteasy-client-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.specimpl.BuiltResponse.readEntity(BuiltResponse.java:223) [resteasy-jaxrs-3.0.2.Final.jar:]
>> 	at org.jboss.resteasy.example.oauth.CustomerDatabaseClient.getCustomers(CustomerDatabaseClient.java:29) [classes:]
>> 	at org.apache.jsp.customers.view_jsp._jspService(view_jsp.java:74)
>> 	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) [jbossweb-7.0.13.Final.jar:]
>> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
>> 	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:369) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:326) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:253) [jbossweb-7.0.13.Final.jar:]
>> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
>> 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:489) [jbossweb-7.0.13.Final.jar:]
>> 	at org.keycloak.adapters.as7.OAuthManagedResourceValve.invoke(OAuthManagedResourceValve.java:104) [keycloak-as7-adapter-1.0-alpha-1.jar:]
>> 	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
>> 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
>> 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
>> 	at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_21]
>>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-dev mailing list