<div dir="ltr">Thanks Bruno, Marek,<div>My issue was a exactly this missingĀ <span style="font-size:12.8px">auth-server-url on keycloak.jason. I was on a non-rebased branch :))</span></div><div><span style="font-size:12.8px">Thanks again,</span></div><div>++</div><div>Corinne</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 3 May 2016 at 09:20, Marek Posolda <span dir="ltr"><<a href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Strange, this error usually happens if
you don't have "auth-server-url" in the configuration of
keycloak.json . But you have it in
<a href="https://github.com/aerogear/aerogear-backend-cookbook/blob/master/Shoot/src/main/webapp/WEB-INF/keycloak.json" target="_blank">https://github.com/aerogear/aerogear-backend-cookbook/blob/master/Shoot/src/main/webapp/WEB-INF/keycloak.json</a>
as you pointed in the first mail. <br>
<br>
Isn't any chance there is other REST backend, which you are
calling and which is missing this? <br>
If not, then can you try to temporarily use absolute URL like:<br>
"auth-server-url" : <a href="http://localhost:8080/auth" target="_blank">"http://localhost:8080/auth"</a><br>
and see if it helps?<span class="HOEnZb"><font color="#888888"><br>
<br>
Marek</font></span><div><div class="h5"><br>
<br>
On 03/05/16 09:04, Corinne Krych wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite">
<div dir="ltr">Hello Bruno
<div><br>
</div>
<div>I've tried with Keycloak-demo-1.9.3 and I still hit the
issue:</div>
<div>
<p><span>09:02:27,847 ERROR
[org.keycloak.adapters.BearerTokenRequestAuthenticator]
(default task-74) Failed to verify token:
org.keycloak.common.VerificationException: Realm URL is
null. Make sure to add auth-server-url to the
configuration of your adapter!</span></p>
<p><span><span> </span>at
org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:46)</span></p>
<p><span><span> </span>at
org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:35)</span></p>
<p><span>I think the secure endpoint is
missing some configuration but not sure what i'm missing.</span></p>
<p><span>++</span></p>
<p><span>Corinne</span></p>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 3 May 2016 at 08:35, Corinne Krych <span dir="ltr"><<a href="mailto:corinnekrych@gmail.com" target="_blank">corinnekrych@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Ah let me try with KC1.9.3.Final then.
<div><br>
</div>
<div>++</div>
<span><font color="#888888">
<div>Corinne</div>
</font></span></div>
<div>
<div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 3 May 2016 at 00:13, Bruno
Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank"></a><a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi
Corinne, I tried here with Keycloak 1.9.3.Final
and couldn't<br>
reproduce your issue.<br>
<br>
I followed exactly the same steps described at
your readme file.<br>
<div>
<div><br>
On 2016-05-02, Corinne Krych wrote:<br>
> Hello Keycloak team,<br>
><br>
> I'm trying to move my OAuth2 demo app
from Keyclaok 1.5 to Keyclaok 1.9.1.<br>
> I've change the OAuth2 endpoints for the
access token. I manage the Oauth2<br>
> dansc ok but when trying to access a
protected resource I hit the error:<br>
><br>
> 22:00:13,501 ERROR
[org.keycloak.adapters.BearerTokenRequestAuthenticator]<br>
> (default task-101) Failed to verify
token:<br>
>
org.keycloak.common.VerificationException:
Realm URL is null. Make sure to<br>
> add auth-server-url to the configuration
of your adapter!<br>
> at
org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:46)<br>
> at
org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:35)<br>
> at<br>
>
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:87)<br>
> at<br>
>
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:82)<br>
> at<br>
>
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:65)<br>
> at<br>
>
org.keycloak.adapters.undertow.AbstractUndertowKeycloakAuthMech.keycloakAuthenticate(AbstractUndertowKeycloakAuthMech.java:110)<br>
> at<br>
>
org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:92)<br>
> at<br>
>
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)<br>
> at<br>
>
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250)<br>
> at<br>
>
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219)<br>
> at<br>
>
io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121)<br>
> at<br>
>
io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:96)<br>
> at<br>
>
io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:89)<br>
> at<br>
>
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)<br>
> at<br>
>
io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)<br>
> at<br>
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)<br>
> at<br>
>
io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)<br>
> at<br>
>
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)<br>
> at<br>
>
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)<br>
> at<br>
>
io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)<br>
> at<br>
>
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)<br>
> at<br>
>
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)<br>
> at<br>
>
io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)<br>
> at<br>
>
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)<br>
> at<br>
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)<br>
> at<br>
>
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)<br>
> at<br>
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)<br>
> at<br>
>
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69)<br>
> at<br>
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)<br>
> at<br>
>
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)<br>
> at<br>
>
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)<br>
> at<br>
>
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)<br>
> at<br>
>
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)<br>
> at
io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)<br>
> at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)<br>
> at<br>
>
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)<br>
> at<br>
>
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)<br>
> at java.lang.Thread.run(Thread.java:745)<br>
><br>
> My realm setup is here:<br>
> <a href="https://github.com/aerogear/aerogear-backend-cookbook/blob/master/Shoot/configuration/shoot-realm.json" rel="noreferrer" target="_blank">https://github.com/aerogear/aerogear-backend-cookbook/blob/master/Shoot/configuration/shoot-realm.json</a><br>
><br>
> The keycloak.json used for the protected
endpoint is:<br>
> <a href="https://github.com/aerogear/aerogear-backend-cookbook/blob/master/Shoot/src/main/webapp/WEB-INF/keycloak.json" rel="noreferrer" target="_blank">https://github.com/aerogear/aerogear-backend-cookbook/blob/master/Shoot/src/main/webapp/WEB-INF/keycloak.json</a><br>
><br>
> Is there some specific settings I should
add to work with Keycloak 1.9.x?<br>
><br>
> Your help would be welcome.<br>
><br>
> ++<br>
> Corinne<br>
<br>
</div>
</div>
>
_______________________________________________<br>
> keycloak-dev mailing list<br>
> <a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
<br>
<br>
--<br>
<br>
abstractj<br>
PGP: 0x84DC9914<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
keycloak-dev mailing list
<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br></div>