[keycloak-user] multiple redirects after authentication

Pulkit Gupta pulgupta at redhat.com
Tue Oct 4 12:11:01 EDT 2016 

Hi Jared,

We already have <distributable /> in our web.xml but.still facing the issue.
Also Chris, no this is a Java adapter for Jboss.

Regards,
Pulkit.

On Tue, Oct 4, 2016 at 9:23 PM, Jared Blashka <jblashka at redhat.com> wrote:

> Just a guess, but if your app is behind a load balancer you need to have
> either sticky sessions on (to make sure client requests always end up at
> the same server) or put the <distributable/> tag in your web.xml to enable
> session replication between nodes. We had a similar issue that was resolved
> by enabling session replication.
>
> Jared
>
> On Oct 4, 2016 11:25 AM, "Chris Savory" <chris.savory at edlogics.com> wrote:
>
>> Is this using the JavaScript adapter? We ran into a similar problem
>> yesterday.
>>
>> --
>> Christopher Savory
>> Software Engineer | EdLogics
>> www.edlogics.com <http://www.edlogics.com/>
>>
>>  <http://www.edlogics.com/>
>>  <https://www.linkedin.com/company/edlogics> <
>> https://twitter.com/EdLogics>
>>
>> On 10/4/16, 9:45 AM, "keycloak-user-bounces at lists.jboss.org on behalf of
>> Pulkit Gupta" <keycloak-user-bounces at lists.jboss.org on behalf of
>> pulgupta at redhat.com> wrote:
>>
>>     Hi Josh,
>>
>>     I have the paths with trailing slashes in my web.xml. Just my
>> entityId does
>>     not has a trailing slash.
>>     Also the application sometime works in one assertion and sometime it
>> will
>>     take 3-4 round trips but it always works eventually.
>>     We enabled the debug logging but it seems adapter does not put
>> anything in
>>     the logs.
>>
>>     I am not sure where to look next. In case you can think of anything
>> else
>>     that will really help me unblock myself.
>>
>>     Regards,
>>     Pulkit.
>>
>>
>>     On Tue, Oct 4, 2016 at 7:15 PM, Josh Cain <jcain at redhat.com> wrote:
>>
>>     > I used to see something similar in Picketlink if I configured a
>> web.xml
>>     > without paying attention to the trailing slash (I.E.
>> https://example.co
>>     > m/foo vs https://example.com/foo/).  The IDP would isse an
>>     > assertion/token for the audience that did not match the security
>>     > constraint (based on the trailing slash), then an infinite redirect
>>     > loop would occur.
>>     >
>>     > Maybe check your trailing slashes?
>>     > On Tue, 2016-10-04 at 16:21 +0530, Pulkit Gupta wrote:
>>     > > Yes,
>>     > >
>>     > > I am using the standard adapter.
>>     > > This is happening more frequently now.
>>     > >
>>     > > Regards,
>>     > > Pulkit.
>>     > >
>>     > > On Mon, Oct 3, 2016 at 9:24 PM, Bill Burke <bburke at redhat.com>
>> wrote:
>>     > >
>>     > > >
>>     > > > Are you using our adapters?
>>     > > >
>>     > > >
>>     > > > On 10/3/16 3:13 AM, Pulkit Gupta wrote:
>>     > > > >
>>     > > > > Hi All,
>>     > > > >
>>     > > > > I am facing a problem with my keycloak integration.
>>     > > > > When I enter the URL of my application it gets redirected to
>> the
>>     > > > > keycloak
>>     > > > > server.
>>     > > > >
>>     > > > > After I enter the credentials the server redirects back to my
>>     > > > > application
>>     > > > > URL.
>>     > > > > Till now things look ok. Once authentication is successful
>> weird
>>     > > > > thing
>>     > > > > starts.
>>     > > > >
>>     > > > > Keycloak server redirects back to my application.
>>     > > > > My application again redirects to the keycloak server which
>>     > > > > without
>>     > > > showing
>>     > > > >
>>     > > > > the login page again redirects to my application. This happens
>>     > > > > once or
>>     > > > > twice after which finally my application page loads. In this
>>     > > > > process, I
>>     > > > can
>>     > > > >
>>     > > > > see multiple SAML XMLs being exchanged.
>>     > > > >
>>     > > > > Environment and setup Details
>>     > > > >              SP EntityID  :  /wapps/distributors
>>     > > > >              Page I am visiting directly :
>> https://www.xxxx.com/w
>>     > > > > apps/
>>     > > > > distributors/protected/nachannelsearch.html
>>     > > > >              Server : 2 Jboss 6 servers running behind a LB
>>     > > > >
>>     > > > > Please let me know in case this is something related to
>>     > > > > configuration or
>>     > > > > might be some issue related to proxies or load balancers in my
>>     > > > environment.
>>     > > > >
>>     > > > >
>>     > > >
>>     > > > _______________________________________________
>>     > > > keycloak-user mailing list
>>     > > > keycloak-user at lists.jboss.org
>>     > > > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>     > > >
>>     > >
>>     > >
>>     > >
>>     >
>>
>>
>>
>>     --
>>     Thanks,
>>     Pulkit
>>     AMS
>>     _______________________________________________
>>     keycloak-user mailing list
>>     keycloak-user at lists.jboss.org
>>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>


-- 
Thanks,
Pulkit
AMS

More information about the keycloak-user mailing list