<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Oct 27, 2014 at 8:21 AM, Stian Thorgersen <span dir="ltr"><<a href="mailto:stian@redhat.com" target="_blank">stian@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<br>
----- Original Message -----<br>
> From: "Bill Burke" <<a href="mailto:bburke@redhat.com">bburke@redhat.com</a>><br>
</span><span class="">> To: "Stian Thorgersen" <<a href="mailto:stian@redhat.com">stian@redhat.com</a>><br>
> Cc: <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> Sent: Friday, 24 October, 2014 4:09:57 PM<br>
> Subject: Re: [keycloak-dev] Keycloak 1.0.3 branch problem<br>
><br>
</span><span class="">> What you're describing isn't CSRF, it is an injection attack. So CSRF<br>
> doesn't apply.<br>
<br>
</span>Yep, I know. It was a moment of brain malfunctioning!<br>
<span class=""><br>
><br>
> In 1.1 you can't post directly to processLogin or processRegister as you<br>
> have to have a client session set up and the client session's state must<br>
> be AUTHENTICATE<br>
<br>
</span>I'll remove it - as you say it's being added in 1.1 in any case, and 1.0.x shouldn't change how things functions any ways.<br></blockquote><div><br></div><div>Hi all,</div><div><br></div><div>I tested the 'new' 1.0.x branch -> works all fine now</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5"><br>
><br>
><br>
><br>
><br>
> On 10/24/2014 9:47 AM, Stian Thorgersen wrote:<br>
> > Not sure TBH<br>
> ><br>
> > I was thinking that someone could post from an external page and inject a<br>
> > JS script to capture the username/password. Basically post an invalid<br>
> > username (<script>...</script>) where the script also removes the invalid<br>
> > user/password warning. Then when the user enters username/password the<br>
> > script could capture the username/password and send it somewhere.<br>
> ><br>
> > But, then once I'd done that I realised that we should escape any html<br>
> > entered in input fields any ways so I fixed that, which kinda made the<br>
> > other fix pointless.<br>
> ><br>
> > I reckon I'll remove it! Unless for some reason we want to prevent folks<br>
> > from posting directly to login/registration endpoints?<br>
> ><br>
> > ----- Original Message -----<br>
> >> From: "Bill Burke" <<a href="mailto:bburke@redhat.com">bburke@redhat.com</a>><br>
> >> To: <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> >> Sent: Friday, 24 October, 2014 2:41:05 PM<br>
> >> Subject: Re: [keycloak-dev] Keycloak 1.0.3 branch problem<br>
> >><br>
> >> Why is there a CSRF check in processLogin? The user isn't even logged<br>
> >> in yet and no credentials have been processed.<br>
> >><br>
> >> On 10/24/2014 6:54 AM, Matthias Wessendorf wrote:<br>
> >>> Hi,<br>
> >>><br>
> >>> I tried picking up KC 1.0.3.Final on our 1.0.x branch:<br>
> >>><br>
> >>> * deployment of both WARs went fine<br>
> >>> * accessing the `<a href="http://localhost:8080/ag-push`" target="_blank">http://localhost:8080/ag-push`</a> offers me the initial<br>
> >>> login for admin:123<br>
> >>> * clicking login did _NOT_ redirect me to the form where I am supposed to<br>
> >>> update the default password.<br>
> >>><br>
> >>><br>
> >>> On WildFly, I got a blank page and this stack-trace:<br>
> >>> ```<br>
> >>> 12:47:35,859 WARN [org.jboss.resteasy.core.ExceptionHandler] (default<br>
> >>> task-10) Failed executing POST<br>
> >>> /realms/aerogear/tokens/auth/request/login:<br>
> >>> org.keycloak.services.ForbiddenException<br>
> >>> at org.keycloak.services.util.CsrfHelper.csrfCheck(CsrfHelper.java:39)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at<br>
> >>> org.keycloak.services.resources.TokenService.processLogin(TokenService.java:479)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at<br>
> >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at<br>
> >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_65]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:296)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:140)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:103)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)<br>
> >>> [resteasy-jaxrs-3.0.8.Final.jar:]<br>
> >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)<br>
> >>> [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> org.keycloak.services.filters.ClientConnectionFilter.doFilter(ClientConnectionFilter.java:41)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at<br>
> >>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:40)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at<br>
> >>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)<br>
> >>> at<br>
> >>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)<br>
> >>> at<br>
> >>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146)<br>
> >>> [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:177)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)<br>
> >>> [undertow-core-1.0.15.Final.jar:1.0.15.Final]<br>
> >>> at<br>
> >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at<br>
> >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]<br>
> >>> ```<br>
> >>><br>
> >>> On EAP 6.3. I got a 403, with this stack-trace:<br>
> >>> ```<br>
> >>> 12:50:06,377 WARN [org.jboss.resteasy.core.SynchronousDispatcher]<br>
> >>> (http-/0.0.0.0:8080-3) Failed executing POST<br>
> >>> /realms/aerogear/tokens/auth/request/login:<br>
> >>> org.keycloak.services.ForbiddenException<br>
> >>> at org.keycloak.services.util.CsrfHelper.csrfCheck(CsrfHelper.java:39)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at<br>
> >>> org.keycloak.services.resources.TokenService.processLogin(TokenService.java:479)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at<br>
> >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at<br>
> >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
> >>> [rt.jar:1.7.0_65]<br>
> >>> at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_65]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:167)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:269)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:227)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceLocator.invokeOnTargetObject(ResourceLocator.java:159)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.ResourceLocator.invoke(ResourceLocator.java:92)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:542)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:524)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:126)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:208)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at<br>
> >>> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:50)<br>
> >>> [resteasy-jaxrs-2.3.8.Final-redhat-3.jar:]<br>
> >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)<br>
> >>> [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]<br>
> >>> at<br>
> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.keycloak.services.filters.ClientConnectionFilter.doFilter(ClientConnectionFilter.java:41)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at<br>
> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:40)<br>
> >>> [keycloak-services-1.0.3.Final.jar:]<br>
> >>> at<br>
> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)<br>
> >>> [jboss-as-jpa-7.4.0.Final-redhat-19.jar:7.4.0.Final-redhat-19]<br>
> >>> at<br>
> >>> org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)<br>
> >>> [jboss-as-jpa-7.4.0.Final-redhat-19.jar:7.4.0.Final-redhat-19]<br>
> >>> at<br>
> >>> org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)<br>
> >>> [jboss-as-web-7.4.0.Final-redhat-19.jar:7.4.0.Final-redhat-19]<br>
> >>> at<br>
> >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at<br>
> >>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)<br>
> >>> [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]<br>
> >>> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]<br>
> >>> ```<br>
> >>><br>
> >>><br>
> >>><br>
> >>> --<br>
> >>> Matthias Wessendorf<br>
> >>><br>
> >>> blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
> >>> sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
> >>> twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a><br>
> >>><br>
> >>><br>
> >>> _______________________________________________<br>
> >>> keycloak-dev mailing list<br>
> >>> <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> >>> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
> >>><br>
> >><br>
> >> --<br>
> >> Bill Burke<br>
> >> JBoss, a division of Red Hat<br>
> >> <a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
> >> _______________________________________________<br>
> >> keycloak-dev mailing list<br>
> >> <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> >> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
> >><br>
><br>
> --<br>
> Bill Burke<br>
> JBoss, a division of Red Hat<br>
> <a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
><br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>