[keycloak-user] Error on application log in

Wed Nov 19 12:35:15 EST 2014

I tried deploying it onto a local wildfly in domain without the SSL enabled
and it worked. What I can't figure it out is why the SSL is causing
conflict and how to solve this, I can't simply disable the SSL.

Regards

On Wed, Nov 19, 2014 at 11:28 AM, Stan Silvert <ssilvert at redhat.com> wrote:

>  Have you tried it using the two servers but without SSL?
>
> You can set ssl-required to "none" on the adapter (application) side.
> Also on the Keycloak server side, try setting Access Type to "public".  Do
> one of those at a time and see if either causes it to work.  That might
> narrow it down a bit.
>
>
> On 11/19/2014 11:29 AM, Fabián Silva wrote:
>
>  Hi,
> I'm running out of ideas in here. In simple terms I got a Wildfly running
> on domain on a server and a keycloak on another server. I set the adapters
> on my wildfly and deploy, to this wildfly, a web app that uses keycloak.
> When I try to access the web app it displays the keycloak login, it
> validates the users ok, but when you access with a correct user and
> password it shows the "403 - Forbidden". At first I thought it was some
> issue with the roles, but that didn't fix it.
>
>  Regards
>
> On Fri, Nov 14, 2014 at 10:20 AM, Fabián Silva <afsg77 at gmail.com> wrote:
>
>>  Hi,
>> It is already set to use the absolute path. And the keycloak is working
>> when I deploy the application to my local wildfly domain. The issue is when
>> I try to deploy to another wildfly in domain mode on a separate server. The
>> application is the same and the only difference I can tell from the two
>> wildflys is that the local don't have the SSL/HTTPS enabled. I have the
>> keycloak adapter set in both domains.
>>
>>  I'm trying to trace those errors on the keycloak code to try to
>> understand what is happening, but I haven't been so lucky with this.
>>
>>  Regards
>> Alejandro Fabián Silva Grifé
>>
>> On Fri, Nov 14, 2014 at 2:27 AM, Marek Posolda <mposolda at redhat.com>
>> wrote:
>>
>>>  Hi,
>>>
>>> it failed on the adapter (application) side and error 404 means "Not
>>> found". So adapter can't find the keycloak server to turn code into token.
>>> Make sure to configure "auth-server-url" in keycloak.json for your
>>> application properly. If relative uri doesn't work for some reason, you can
>>> rather try to use absolute uri for auth-server-url like
>>> "https://localhost:8443/auth" <https://localhost:8443/auth> .
>>>
>>> Marek
>>>
>>>
>>> On 14.11.2014 01:31, Fabián Silva wrote:
>>>
>>>   I have a keycloak installed on wildfly standalone. I'm trying to
>>> deploy an application, that use this keycloak, on a separate server with
>>> wilflly running on domain mode. I tried first to deploy on a domain out of
>>> the box on my local machine, setting the
>>> keycloak-wildfly-adapter-dist-1.0.4.Final. It deploys fine and does the
>>> authentication without any issues. When I try to migrate it to the server
>>> running my wilfly (also in domain mode and the keycloak adapter set), it
>>> deploys fine and shows the keycloak login once you enter the application.
>>> But the problem is that when you login it displays a "403 - Forbidden" and
>>> on the log I'm seeing
>>> ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-6)
>>> failed to turn code into token
>>> ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-6)
>>> status from server: 404
>>> The only difference between those two wildfly domain mode is that in the
>>> local I don't have the the SSL/HTTPS enabled.
>>>
>>>  Have anyone seen this error? or have an idea of what this could be?
>>>
>>>  Regards
>>>
>>>
>>>  _______________________________________________
>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>>
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141119/53568895/attachment-0001.html 