[keycloak-dev] Fwd: Bad Request

Alex Gouvêa Vasconcelos alexgv99 at gmail.com
Fri Feb 19 21:10:23 EST 2016 

Hi Bruno, thank you for the interest in help me...
My problem is exact the same as described here:
https://issues.jboss.org/browse/KEYCLOAK-1701
Except that my keycloak version is 1.6.1, not 1.3.1 as in the issue 1701.

In the comments area, of that issue,
Stian Thorgersen
<https://issues.jboss.org/secure/ViewProfile.jspa?name=stianst> added a
comment - 27/Jul/15 3:01 AM: This is caused by in-proper configuration.
Please use user mailing list for support questions.

________________________________

So, I'm trying my luck here.


I have an app angular using keycloak.js and a java app, rest api, under
protect of the same realm/client. Everything completely straightforward.


I do have a json file, downloaded from keycloak console admin, both in the
java app (WEB-INF Folder) and angular app, for the

new Keycloak("PATH_TO_keycloak.json_FILE");

javascript snippet of code.


Is this what you mean?

Cordialmente.
Alex Gouvêa Vasconcelos
mailto:alexgv99 at gmail.com
MSN: alexgv99 at hotmail.com
http://about.me/alexgv99


2016-02-03 9:12 GMT-02:00 Bruno Oliveira <bruno at abstractj.org>:

> Do you have a JSON file configured? See:
> https://github.com/keycloak/keycloak/blob/master/examples/demo-template/angular-product-app/src/main/webapp/keycloak.json
> ?
>
> What about your realm configuration file, looks like this
> https://github.com/keycloak/keycloak/blob/master/examples/demo-template/testrealm.json#L143
> ?
>
> Not sure if it helps, but at first glance it looks like some
> misconfiguration.
>
> On Thu, Jan 28, 2016 at 2:03 PM, Alex Gouvêa Vasconcelos <
> alexgv99 at gmail.com> wrote:
>
>> Sorry guys, I'm not sure weather the group receive the answer to Mr.
>> Burke question about logs or not...
>>
>>>>>> Do you can an exception stacktrace on app or auth server?​
>>
>> Anyway, there's no log to share, here... the server.log file (in Keycloak
>> cluster - 2 instances) doesn't emit any line in the process... and the
>> Wildfly (where the app is deployed) just say:
>>
>>>>>> 16:10:23,145 WARN [org.keycloak.adapters.OAuthRequestAuthenticator]
>>> ​ ​
>>> (default task-66) No state cookie​
>>
>>
>> ​So, I hope someone could help me here...
>>
>> Thanks.​
>>
>>
>> ---------- Forwarded message ----------
>> From: Alex Gouvêa Vasconcelos <alexgv99 at gmail.com>
>> Date: 2016-01-26 17:16 GMT-02:00
>> Subject: Fwd: Bad Request
>> To: keycloak-dev at lists.jboss.org
>>
>>
>> Hi guys. I'm running into some trouble here...
>>
>> I have a very simple application which should authenticate against
>> keycloak and return to the main page. This is triggered through the web.xml
>> in my application.
>>
>> <web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="
>> http://www.w3.org/2001/XMLSchema-instance"
>> xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
>> http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
>> version="3.0">
>>
>> <module-name>teste</module-name>
>>
>> <filter>
>> <filter-name>CORSFilter</filter-name>
>> <filter-class>br.com.test.tms.teste.util.CORSFilter</filter-class>
>> </filter>
>> <filter-mapping>
>> <filter-name>CORSFilter</filter-name>
>> <url-pattern>/rest/*</url-pattern>
>> </filter-mapping>
>>
>> <distributable />
>>
>> <security-constraint>
>> <web-resource-collection>
>> <web-resource-name>teste</web-resource-name>
>> <url-pattern>/rest/exemploService/secure/*</url-pattern>
>> </web-resource-collection>
>> <auth-constraint>
>> <role-name>*</role-name>
>> </auth-constraint>
>> <user-data-constraint>
>> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>> </user-data-constraint>
>> </security-constraint>
>>
>> <login-config>
>> <auth-method>KEYCLOAK</auth-method>
>> <realm-name>realmtest</realm-name>
>> </login-config>
>> <security-role>
>> <role-name>user</role-name>
>> </security-role>
>> <security-role>
>> <role-name>admin</role-name>
>> </security-role>
>>
>> </web-app>
>>
>>
>> The server side has a REST API and the client side is an angular
>> application. Everything very simple to just try the development
>> environment. What happens is that, after filling the login page and return
>> to the index.html (actually it's not returning), I receive a 400 BAD
>> REQUEST for the uri:
>>
>>
>> http://localhost:8080/teste/?code=X8VlnUNxYzofJDHzkx1ZmMgO2BP0ZDJ-e2l7uB091Dk.bd5edab3-359b-4616-a403-34fffb427af9&state=67b87fd5-7cc0-4415-9b8b-fc16675229a1
>>
>>
>> It seems to me, that the malformed URI is because of the ?code=... If I
>> reload the page with the same URL, it just return the same 400... if I
>> remove the ? portion, it reloads the page and again redirects to and from
>> the keycloak server, and recovers the ? portion, repeating the same 400.
>>
>> I'm running everything in the same application under wildfly 10. Both the
>> server and client sides in the same deployed WAR.
>>
>> I'd appreciate any help.
>>
>> Best regards.
>>
>> Alex Gouvea Vasconcelos
>>
>>
>>
>>
>>
>>
>>
>> [image: Imagem inline 1]
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
>
>
> --
> - abstractj
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160220/d287b93a/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: keycloak.png
Type: image/png
Size: 248184 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160220/d287b93a/attachment-0001.png

More information about the keycloak-dev mailing list