[keycloak-dev] Cannot login to fresh KC + Postgres setup

Libor Krzyžanek lkrzyzan at redhat.com
Wed Mar 25 06:33:48 EDT 2015 

Seems I found the problem.
Openshift has old Postgres JDBC driver (8.4, JDBC 3) Should be 9.2 JDBC4. (See https://access.redhat.com/articles/111663 <https://access.redhat.com/articles/111663>)

Thanks,

Libor Krzyžanek
jboss.org <http://jboss.org/> Development Team

> On 25 Mar 2015, at 11:15, Libor Krzyžanek <lkrzyzan at redhat.com> wrote:
> 
> When I switch to ExampleDS (H2 DB) everything works as expected.
> 
> Doesn’t work with PostgreSQLDS
> 
> Thanks,
> 
> Libor Krzyžanek
> jboss.org <http://jboss.org/> Development Team
> 
>> On 25 Mar 2015, at 11:07, Libor Krzyžanek <lkrzyzan at redhat.com <mailto:lkrzyzan at redhat.com>> wrote:
>> 
>> Hi,
>> I have the latest 1.2.0-Beta1 installation and I cannot login via admin/admin to master realm after fresh installation.
>> 
>> I see tables in postgres but cannot login.
>> 
>> Deployment is EAP 6.3 with proper modules + Postgres 9.2.8 (everything on Openshift, in keycloak-server.json I uses Openshift’s Postgres datasource defined in standalone.xml)
>> 
>> I’m checking tables and I see
>> 
>> keycloak=#  select * from USER_ENTITY;
>>                  id                  | email |           email_constraint           | email_verified | enabled | federation_link | first_name | last_name | realm_id | totp | username
>> --------------------------------------+-------+--------------------------------------+----------------+---------+-----------------+------------+-----------+----------+------+----------
>> e8620950-494a-422a-9430-bf8a001b64b6 |       | 05634ab8-5856-4587-a42b-9dadb1eef591 | f              | t       |                 |            |           | master   | f    | admin
>> (1 row)
>> 
>> keycloak=# select * from credential where user_id='e8620950-494a-422a-9430-bf8a001b64b6';
>>                  id                  | device | hash_iterations |                salt                |   type   |                                          value                                           |               user_id
>> --------------------------------------+--------+-----------------+------------------------------------+----------+------------------------------------------------------------------------------------------+--------------------------------------
>> 675d7483-746e-4195-a544-327027890492 |        |               1 | \xa1a0aa3ca2e4ef65e26794805ed1248c | password | b8Ue+oLgrvdUWp4bzKAXoFfSli90ENUSPp439uIqks8iOMcMypjetKYbwZI8Qu1sTwXVZwdEJ6hVf/9hGa66FQ== | e8620950-494a-422a-9430-bf8a001b64b6
>> (1 row)
>> 
>> However USERNAME_LOGIN_FAILURE is empty.
>> 
>> rhdssodev2=# select * from USERNAME_LOGIN_FAILURE;
>> realm_id | username | failed_login_not_before | last_failure | last_ip_failure | num_failures
>> ----------+----------+-------------------------+--------------+-----------------+--------------
>> (0 rows)
>> 
>> 
>> Is it known issue?
>> 
>> 
>> Here is snippet from log:
>> 2015/03/25 06:02:34,378 WARN  [org.jboss.resteasy.core.ResourceLocator] (http-/127.5.255.129:8080-3) Field uriInfo of subresource org.keycloak.services.resources.LoginActionsService will not be injected according to spec
>> 2015/03/25 06:02:34,378 WARN  [org.jboss.resteasy.core.ResourceLocator] (http-/127.5.255.129:8080-3) Field clientConnection of subresource org.keycloak.services.resources.LoginActionsService will not be injected according to spec
>> 2015/03/25 06:02:34,378 WARN  [org.jboss.resteasy.core.ResourceLocator] (http-/127.5.255.129:8080-3) Field providers of subresource org.keycloak.services.resources.LoginActionsService will not be injected according to spec
>> 2015/03/25 06:02:34,378 WARN  [org.jboss.resteasy.core.ResourceLocator] (http-/127.5.255.129:8080-3) Field session of subresource org.keycloak.services.resources.LoginActionsService will not be injected according to spec
>> 2015/03/25 06:02:34,423 DEBUG [org.keycloak.services.managers.AuthenticationManager] (http-/127.5.255.129:8080-3) validating password for user: admin
>> 2015/03/25 06:02:34,424 DEBUG [org.keycloak.services.managers.AuthenticationManager] (http-/127.5.255.129:8080-3) Expiring remember me cookie
>> 2015/03/25 06:02:34,425 DEBUG [org.keycloak.services.managers.AuthenticationManager] (http-/127.5.255.129:8080-3) Expiring cookie: KEYCLOAK_REMEMBER_ME path: /auth/realms/master
>> 2015/03/25 06:02:34,431 DEBUG [freemarker.cache] (http-/127.5.255.129:8080-3) "template.ftl"["en_US",UTF-8,parsed]  using cached since vfs:/content/ROOT.war/WEB-INF/lib/keycloak-forms-common-themes-1.2.0.Beta1-SNAPSHOT.jar/theme/base/login/template.ftl didn't change.
>> 
>> 
>> 
>> Thanks,
>> 
>> Libor Krzyžanek
>> jboss.org <http://jboss.org/> Development Team
>> 
>> 
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150325/dc057edf/attachment-0001.html

More information about the keycloak-dev mailing list