[keycloak-dev] Keycload Admin page Failed Executing GET /admin/serverinfo

Stian Thorgersen sthorger at redhat.com
Fri Feb 26 03:33:19 EST 2016 

This should work just fine without sticky sessions. We also don't support
sticky sessions at the moment as there's no cookie to stick on. We're going
to look into supporting sticky sessions soon.

On 26 February 2016 at 09:29, Vlastimil Elias <velias at redhat.com> wrote:

> What about configuring Loadbalancer to use sticky sessions?
>
> Vlastimil
>
> On 25.2.2016 16:10, Peter Krivansky wrote:
>
> Hello,
>
>
>
> I have a Keycloak cluster with two servers, in front of each Keaycloak is
> Apache running.
>
>
>
> LB
>
> /\
>
>   Host A    Host B
>
>
>
> Now, Host-A and Host-B are in different subnets, due to this design we are
> running jGroups via TCP.
>
> Now everything is working fine, except for the Keycloak Admin console,
> once a user tries to log in, they get for a milisecond in to the Admin
> console, but then they get redirected to the login page immediately.
>
> When I disable Host-A or Host-B on the Loadbalancer, (new sessions will
> land only on Hst-A or Host-B) the Login to Keycloak Admin Console will work
> normally.
>
> During the immediate redirection there is only this one WARNING in the
> Server.log:
>
>
>
> 15:41:42,886 WARN  [org.jboss.resteasy.core.ExceptionHandler] (default
> task-10) Failed executing GET /admin/serverinfo:
> org.jboss.resteasy.spi.UnauthorizedException: Bearer
>
>          at
> org.keycloak.services.resources.admin.AdminRoot.authenticateRealmAdminRequest(AdminRoot.java:156)
>
>          at
> org.keycloak.services.resources.admin.AdminRoot.getServerInfo(AdminRoot.java:209)
>
>          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
>          at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
>          at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
>          at java.lang.reflect.Method.invoke(Method.java:498)
>
>          at
> org.jboss.resteasy.core.ResourceLocatorInvoker.createResource(ResourceLocatorInvoker.java:81)
>
>          at
> org.jboss.resteasy.core.ResourceLocatorInvoker.createResource(ResourceLocatorInvoker.java:60)
>
>          at
> org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:102)
>
>          at
> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356)
>
>          at
> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179)
>
>          at
> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220)
>
>          at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
>
>          at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
>
>          at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>
>          at
> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86)
>
>          at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130)
>
>          at
> org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:61)
>
>          at
> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>
>          at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)
>
>          at
> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)
>
>          at
> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
>
>          at
> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
>
>          at
> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
>
>          at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>
>          at
> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
>
>          at
> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
>
>          at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>
>          at
> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
>
>          at
> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
>
>          at
> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
>
>          at
> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72)
>
>          at
> io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
>
>          at
> io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
>
>          at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>
>          at
> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
>
>          at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>
>          at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>
>          at
> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:282)
>
>          at
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:261)
>
>          at
> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:80)
>
>          at
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:172)
>
>          at
> io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
>
>          at
> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:774)
>
>          at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>
>          at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>
>          at java.lang.Thread.run(Thread.java:745)
>
>
>
> I attached my domain.xml
>
> Have I missed something, or what did I wrong?
>
>
>
> With Kind regards Peter
>
>
> _______________________________________________
> keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
> --
> Vlastimil Elias
> Principal Software Engineer
> Developer Portal Engineering Team
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160226/57977466/attachment.html

More information about the keycloak-dev mailing list