[keycloak-user] Signed JWT issue

abhishek raghav abhi.raghav007 at gmail.com
Fri Aug 12 03:44:20 EDT 2016 

Hi Team,

Recently i ran into an issue where i am using signedJWT tokens as client
authentication mechnaism instead of client id/secret.

My keyclok.json looks like this:

  "realm": "nginx",
  "realm-public-key":
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb6ecdzvU+RoI0Qu6Psh1NFKLUoSuSfoAdW/nD5sr0M1FDpLOrsRIzIRScS9DJ28n1+Kdvrad9aS/UMsr+NXHRoSPeZuabAtfDCYx49+NhtR+LW97rB4lBNnXf148mkhikyZ0B08naQlhgkAqBXR5oxOo/FqWCObhZxBPsU9BcL4Qb5JO1we8k+7kIHTFyhHbZvEAk292eIG+GyrUDh+ZyE8T8Myde0GM1Korg9ZsdYxbb3U78bmxgvBmeye+Dq89EbyNDE3K/7giq7Gmh4Gu6fVcJG9tCjl1pS7CiDH1gTuITJxSJO3bPRf58SVoId8S26/5YMIq7pqwXe/pyvAewIDAQAB",
  "auth-server-url": "http://192.168.99.100:31048/auth",
  "ssl-required": "external",
  "resource": "product-portal",
  "enable-cors" : false,
  "credentials": {
   "jwt": {
     "client-key-password": "changeit",
     "client-keystore-file": "/keystore/keystore.jks",
     "client-keystore-password": "changeit",
     "client-key-alias": "product-portal",
     "token-timeout": 10,
     "client-keystore-type": "jks"
    }
  }
}


But when i am trying to deploy this app in my local tomcat, the app doesnt
deploy and failed. I saw my catalina.log file which tells this:

12-Aug-2016 07:13:09.400 SEVERE [localhost-startStop-1]
org.apache.catalina.startup.HostConfig.deployWAR Error deploying web
applicatio
n archive /usr/local/tomcat/webapps/product-portal.war
 java.lang.RuntimeException: org.codehaus.jackson.map.JsonMappingException:
Can not deserialize instance of java.lang.String out of STA
RT_OBJECT token
 at [Source: java.io.FileInputStream at 7d33dbab; line: 9, column: 5] (through
reference chain: org.keycloak.representations.adapters.conf
ig.AdapterConfig["credentials"])
        at
org.keycloak.adapters.KeycloakDeploymentBuilder.loadAdapterConfig(KeycloakDeploymentBuilder.java:104)
        at
org.keycloak.adapters.KeycloakDeploymentBuilder.build(KeycloakDeploymentBuilder.java:93)
        at
org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.keycloakInit(AbstractKeycloakAuthenticatorValve.java:116)
        at
org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.lifecycleEvent(AbstractKeycloakAuthenticatorValve.java:65)
        at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:95)
        at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90)
        at
org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:394)
        at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:165)
        at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:725)
        at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:701)
        at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
        at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:940)
        at
org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1816)
        at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
        at java.util.concurrent.FutureTask.run(FutureTask.java:262)
        at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.codehaus.jackson.map.JsonMappingException: Can not
deserialize instance of java.lang.String out of START_OBJECT token
 at [Source: java.io.FileInputStream at 7d33dbab; line: 9, column: 5] (through
reference chain: org.keycloak.representations.adapters.conf
ig.AdapterConfig["credentials"])
        at
org.codehaus.jackson.map.JsonMappingException.from(JsonMappingException.java:163)
        at
org.codehaus.jackson.map.deser.StdDeserializationContext.mappingException(StdDeserializationContext.java:219)
        at
org.codehaus.jackson.map.deser.std.StringDeserializer.deserialize(StringDeserializer.java:44)
        at
org.codehaus.jackson.map.deser.std.StringDeserializer.deserialize(StringDeserializer.java:13)
        at
org.codehaus.jackson.map.deser.std.MapDeserializer._readAndBind(MapDeserializer.java:319)
        at
org.codehaus.jackson.map.deser.std.MapDeserializer.deserialize(MapDeserializer.java:249)
        at
org.codehaus.jackson.map.deser.std.MapDeserializer.deserialize(MapDeserializer.java:33)
        at
org.codehaus.jackson.map.deser.SettableBeanProperty.deserialize(SettableBeanProperty.java:299)
        at
org.codehaus.jackson.map.deser.SettableBeanProperty$MethodProperty.deserializeAndSet(SettableBeanProperty.java:414)
        at
org.codehaus.jackson.map.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:697)
......

It shows problem in "credentials" property to deserilize.

I am using Keycloak 2.0.0.Final and tomcat 8.0.36 version.
for keycloak I am using tomcat adapter for my app.

Please help.


*- Best Regards*
   Abhishek Raghav
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160812/23c74f43/attachment-0001.html

More information about the keycloak-user mailing list