[keycloak-user] Two OIDC working, but not SSO

Tech tech at psynd.net
Thu Apr 27 03:14:02 EDT 2017


Hello,

opening the browser the KEYCLOAK_IDENTITY cookie does not appear, but in 
my understanding this is created when you have an active session to 
Keycloak like accessing to the admin interface.

No proxies, cookies or load balancers in the backend server.




On 26/04/17 16:17, Marek Posolda wrote:
> Thanks, are you seeing KEYCLOAK_IDENTITY cookie for your browser for 
> path "/auth/realms/yourrealm" ? Are you using proxy/loadbalancer, 
> which may cause that cookies sent to the proxy are not visible on the 
> backend server (Keycloak)?
>
> Marek
>
>
> On 26/04/17 09:09, Tech wrote:
>> Hello again,
>>
>> so:
>> 1) they are both using the same kc realm
>> 2) the cookie is not disabled
>> 3) in attach a screenshot, it's identical for the two application, 
>> with the difference that one the two URL has the "2"
>>
>>
>>
>>
>> On 26/04/17 06:17, Marek Posolda wrote:
>>> On 25/04/17 22:36, Tech wrote:
>>>>
>>>> Hello Marek,
>>>>
>>>> 1) yes, they are both using the same Kc realm
>>>>
>>>> 2) how can I check this point?
>>>>
>>> In Keycloak admin console, there is tab "Authentication" and then 
>>> flow "browser" .
>>>
>>> Marek
>>>>
>>>> 3) I checked already, I don't think that anything like that is 
>>>> enabled, but I will send you a screen shot in the coming hours (not 
>>>> in the office right now)
>>>>
>>>> Thanks for the support
>>>>
>>>>
>>>>
>>>>
>>>> On 25.04.17 22:14, Marek Posolda wrote:
>>>>> Normally SSO between client applications is supposed to work. I 
>>>>> would check:
>>>>>
>>>>> - Are both your clients (portal1 and portal2) using same Keycloak 
>>>>> realm? SSO will work just with same realm
>>>>>
>>>>> - Is Cookie authenticator enabled for authentication browser flow 
>>>>> of your realm? Didn't you accidentally disable it? SSO requires 
>>>>> that it is enabled
>>>>>
>>>>> - How does URL to Keycloak login screen looks like? I wonder if 
>>>>> your PHP adapter uses some parameters, which causes SSO disabled 
>>>>> (eg. prompt=login or max_age=0)
>>>>>
>>>>> Marek
>>>>>
>>>>> On 25/04/17 14:18, Tech wrote:
>>>>>>
>>>>>> Anybody with any ideas?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 25/04/17 12:53, Tech wrote:
>>>>>>>
>>>>>>> Hello Marek,
>>>>>>>
>>>>>>> maybe my email was confusing, we run initially two tests were we 
>>>>>>> login and logout in both portal to check that the oidc is 
>>>>>>> working on each of them.
>>>>>>>
>>>>>>> Once we know that OIDC is working, then we are expecting to 
>>>>>>> login to portal1 and opening portal2, to find us already logged 
>>>>>>> in, but this doesn't happen and we are forced to login again
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 25/04/17 12:41, Marek Posolda wrote:
>>>>>>>> If you don't do "Logout from portal1" at the end of first test, 
>>>>>>>> then SSO should work and you will be automatically logged into 
>>>>>>>> portal2 without a need to put your credentials.
>>>>>>>>
>>>>>>>> The logout is "SSO logout", hence it also kills the SSO session 
>>>>>>>> on Keycloak side and requires user to re-login.
>>>>>>>>
>>>>>>>> Marek
>>>>>>>>
>>>>>>>> On 25/04/17 12:31, Tech wrote:
>>>>>>>>> Dear experts,
>>>>>>>>>
>>>>>>>>> we are working with Moodle, a PHP based platform, where we 
>>>>>>>>> have been
>>>>>>>>> able to configure correctly Keycloak to implement OIDC.
>>>>>>>>>
>>>>>>>>> To test Keycloak we cloned this application, with different 
>>>>>>>>> URLs and we
>>>>>>>>> did the first test:
>>>>>>>>>
>>>>>>>>>    * Connect to portal1
>>>>>>>>>    * User not recognized and redirected to Keycloak through OIDC
>>>>>>>>>    * Enter credentials stored into Keycloak
>>>>>>>>>    * User accepted and redirected to portal1
>>>>>>>>>    * Logout from portal1
>>>>>>>>>
>>>>>>>>> After this we tested the second application:
>>>>>>>>>
>>>>>>>>>    * Connect to portal2
>>>>>>>>>    * User not recognized and redirected to Keycloak through OIDC
>>>>>>>>>    * Enter credentials stored into Keycloak
>>>>>>>>>    * User accepted and redirected to portal2
>>>>>>>>>    * Logout from portal2
>>>>>>>>>
>>>>>>>>> In this case I know that OIDC is working for the two 
>>>>>>>>> applications and we
>>>>>>>>> can expect that also the SSO is working, but after the login 
>>>>>>>>> in portal1
>>>>>>>>> we have to login again portal2, and vice-versa.
>>>>>>>>>
>>>>>>>>> We attach below here some logs, could you please help?
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *Login to portal1*
>>>>>>>>>
>>>>>>>>> 2017-04-25 09:54:40,503 DEBUG [org.jboss.ejb.client.txn] 
>>>>>>>>> (Periodic
>>>>>>>>> Recovery) Send recover request for transaction origin node 
>>>>>>>>> identifier 1
>>>>>>>>> to EJB receiver with node name 79051ccf69ac
>>>>>>>>> 2017-04-25 09:54:45,055 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-30) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:54:45,056 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-30) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:54:45,056 DEBUG 
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-30) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/auth
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-30)
>>>>>>>>> AUTHENTICATE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-30)
>>>>>>>>> AUTHENTICATE ONLY
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) processFlow
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: auth-cookie requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator: auth-cookie
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-30)
>>>>>>>>> Could not find cookie: KEYCLOAK_IDENTITY
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator ATTEMPTED: auth-cookie
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: auth-spnego requirement: DISABLED
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) execution is processed
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: identity-provider-redirector 
>>>>>>>>> requirement:
>>>>>>>>> ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator: identity-provider-redirector
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator ATTEMPTED: identity-provider-redirector
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: null requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) execution is flow
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) processFlow
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: auth-username-password-form 
>>>>>>>>> requirement: REQUIRED
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator: auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:54:45,060 DEBUG [freemarker.cache] (default 
>>>>>>>>> task-30)
>>>>>>>>> TemplateLoader.findTemplateSource("template_en_US.ftl"): Not 
>>>>>>>>> found
>>>>>>>>> 2017-04-25 09:54:45,060 DEBUG [freemarker.cache] (default 
>>>>>>>>> task-30)
>>>>>>>>> TemplateLoader.findTemplateSource("template_en.ftl"): Not found
>>>>>>>>> 2017-04-25 09:54:45,060 DEBUG [freemarker.cache] (default 
>>>>>>>>> task-30)
>>>>>>>>> TemplateLoader.findTemplateSource("template.ftl"): Found
>>>>>>>>> 2017-04-25 09:54:45,061 DEBUG [freemarker.cache] (default 
>>>>>>>>> task-30)
>>>>>>>>> "template.ftl"("en_US", UTF-8, parsed): using cached since
>>>>>>>>> file:/opt/jboss/keycloak/themes/base/login/template.ftl hasn't 
>>>>>>>>> changed.
>>>>>>>>> 2017-04-25 09:54:45,064 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator CHALLENGE: auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:45,064 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-30)
>>>>>>>>> JtaTransactionWrapper  commit
>>>>>>>>> 2017-04-25 09:54:45,064 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-30)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:54:50,503 DEBUG [org.jboss.ejb.client.txn] 
>>>>>>>>> (Periodic
>>>>>>>>> Recovery) Send recover request for transaction origin node 
>>>>>>>>> identifier 1
>>>>>>>>> to EJB receiver with node name 79051ccf69ac
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *After authentication to portal1**
>>>>>>>>> *
>>>>>>>>> 2017-04-25 09:54:56,041 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-31) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:54:56,041 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-31) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:54:56,042 DEBUG 
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-31) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/Demo/login-actions/authenticate
>>>>>>>>> 2017-04-25 09:54:56,042 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-31)
>>>>>>>>> authenticationAction
>>>>>>>>> 2017-04-25 09:54:56,042 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processAction: dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: auth-cookie requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) execution is processed
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: auth-spnego requirement: DISABLED
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) execution is processed
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: identity-provider-redirector requirement: 
>>>>>>>>> ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) execution is processed
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: null requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processAction: dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: auth-username-password-form requirement: REQUIRED
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) action: auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) authenticator SUCCESS: auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processFlow
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check execution: auth-otp-form requirement: OPTIONAL
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) authenticator: auth-otp-form
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processFlow
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>> [org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl] 
>>>>>>>>>
>>>>>>>>> (default task-31) Hibernate RegisteredSynchronization 
>>>>>>>>> successfully
>>>>>>>>> registered with JTA platform
>>>>>>>>> 2017-04-25 09:54:56,142 DEBUG [org.hibernate.SQL] (default 
>>>>>>>>> task-31)
>>>>>>>>>       select
>>>>>>>>>           roleentity0_.ID as col_0_0_
>>>>>>>>>       from
>>>>>>>>>           KEYCLOAK_ROLE roleentity0_
>>>>>>>>>       where
>>>>>>>>>           roleentity0_.CLIENT_ROLE=0
>>>>>>>>>           and roleentity0_.NAME=?
>>>>>>>>>           and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:54:56,142 DEBUG
>>>>>>>>> [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] 
>>>>>>>>> (default
>>>>>>>>> task-31) MySqlDS: getConnection(null,
>>>>>>>>> WrappedConnectionRequestInfo at 4570d800[userName=KeycloakUSR]) 
>>>>>>>>> [0/20]
>>>>>>>>> 2017-04-25 09:54:56,143 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release from 
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:54:56,143 DEBUG [org.hibernate.SQL] (default 
>>>>>>>>> task-31)
>>>>>>>>>       select
>>>>>>>>>           roleentity0_.ID as col_0_0_
>>>>>>>>>       from
>>>>>>>>>           KEYCLOAK_ROLE roleentity0_
>>>>>>>>>       where
>>>>>>>>>           roleentity0_.CLIENT_ROLE=0
>>>>>>>>>           and roleentity0_.NAME=?
>>>>>>>>>           and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:54:56,144 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release from 
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:54:56,144 DEBUG [org.hibernate.SQL] (default 
>>>>>>>>> task-31)
>>>>>>>>>       select
>>>>>>>>>           roleentity0_.ID as col_0_0_
>>>>>>>>>       from
>>>>>>>>>           KEYCLOAK_ROLE roleentity0_
>>>>>>>>>       where
>>>>>>>>>           roleentity0_.CLIENT_ROLE=0
>>>>>>>>>           and roleentity0_.NAME=?
>>>>>>>>>           and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:54:56,144 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release from 
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG [org.keycloak.events] (default 
>>>>>>>>> task-31)
>>>>>>>>> type=LOGIN, realmId=Demo, clientId=moodle,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f, 
>>>>>>>>> ipAddress=192.168.0.27,
>>>>>>>>> auth_method=openid-connect, auth_type=code,
>>>>>>>>> redirect_uri=https://localhost/moodleiam/auth/oidc/,
>>>>>>>>> consent=no_consent_required,
>>>>>>>>> code_id=08539f13-cb1c-423e-86a3-365c29b055f1, username=testuser
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-31)
>>>>>>>>> Removing old user session: session: 
>>>>>>>>> 9a5218f8-aa9c-496c-aa00-780430f19c1b
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-31)
>>>>>>>>> Create login cookie - name: KEYCLOAK_IDENTITY, path: 
>>>>>>>>> /auth/realms/Demo,
>>>>>>>>> max-age: -1
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-31)
>>>>>>>>> Expiring remember me cookie
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-31)
>>>>>>>>> Expiring cookie: KEYCLOAK_REMEMBER_ME path: /auth/realms/Demo
>>>>>>>>> 2017-04-25 09:54:56,146 DEBUG
>>>>>>>>> [org.keycloak.protocol.oidc.OIDCLoginProtocol] (default task-31)
>>>>>>>>> redirectAccessCode: state: bIJNAcPb8Rxz8Wb
>>>>>>>>> 2017-04-25 09:54:56,146 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-31)
>>>>>>>>> JtaTransactionWrapper  commit
>>>>>>>>> 2017-04-25 09:54:56,149 DEBUG
>>>>>>>>> [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] 
>>>>>>>>> (default
>>>>>>>>> task-31) MySqlDS: returnConnection(4edba62b, false) [0/20]
>>>>>>>>> 2017-04-25 09:54:56,149 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release from 
>>>>>>>>> afterTransaction
>>>>>>>>> 2017-04-25 09:54:56,149 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-31)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:54:56,642 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-24) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:54:56,642 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-24) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:54:56,642 DEBUG 
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-24) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/token
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-24)
>>>>>>>>> AUTHENTICATE CLIENT
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>> [org.keycloak.authentication.ClientAuthenticationFlow] 
>>>>>>>>> (default task-24)
>>>>>>>>> client authenticator: client-secret
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>> [org.keycloak.authentication.ClientAuthenticationFlow] 
>>>>>>>>> (default task-24)
>>>>>>>>> client authenticator SUCCESS: client-secret
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>> [org.keycloak.authentication.ClientAuthenticationFlow] 
>>>>>>>>> (default task-24)
>>>>>>>>> Client moodle authenticated by client-secret
>>>>>>>>> 2017-04-25 09:54:56,663 DEBUG [org.keycloak.events] (default 
>>>>>>>>> task-24)
>>>>>>>>> type=CODE_TO_TOKEN, realmId=Demo, clientId=moodle,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f, 
>>>>>>>>> ipAddress=153.109.152.213,
>>>>>>>>> token_id=75173922-dd56-44ca-9255-9a5368e557f4,
>>>>>>>>> grant_type=authorization_code, refresh_token_type=Refresh,
>>>>>>>>> refresh_token_id=d7daabe5-8e73-4b8e-b108-92188e1118df,
>>>>>>>>> code_id=08539f13-cb1c-423e-86a3-365c29b055f1,
>>>>>>>>> client_auth_method=client-secret
>>>>>>>>> 2017-04-25 09:54:56,663 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-24)
>>>>>>>>> JtaTransactionWrapper  commit
>>>>>>>>> 2017-04-25 09:54:56,663 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-24)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *Login to portal2**
>>>>>>>>> *
>>>>>>>>> 2017-04-25 09:56:17,566 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-6) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:56:17,566 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-6) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:56:17,567 DEBUG 
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-6) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/auth
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-6)
>>>>>>>>> AUTHENTICATE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-6)
>>>>>>>>> AUTHENTICATE ONLY
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: auth-cookie requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator: auth-cookie
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-6)
>>>>>>>>> Could not find cookie: KEYCLOAK_IDENTITY
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator ATTEMPTED: auth-cookie
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: auth-spnego requirement: DISABLED
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: identity-provider-redirector requirement: 
>>>>>>>>> ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator: identity-provider-redirector
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator ATTEMPTED: identity-provider-redirector
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: null requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> execution is flow
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: auth-username-password-form requirement: 
>>>>>>>>> REQUIRED
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache] (default task-6)
>>>>>>>>> TemplateLoader.findTemplateSource("template_en_US.ftl"): Not 
>>>>>>>>> found
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache] (default task-6)
>>>>>>>>> TemplateLoader.findTemplateSource("template_en.ftl"): Not found
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache] (default task-6)
>>>>>>>>> TemplateLoader.findTemplateSource("template.ftl"): Found
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache] (default task-6)
>>>>>>>>> "template.ftl"("en_US", UTF-8, parsed): using cached since
>>>>>>>>> file:/opt/jboss/keycloak/themes/base/login/template.ftl hasn't 
>>>>>>>>> changed.
>>>>>>>>> 2017-04-25 09:56:17,573 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator CHALLENGE: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:17,573 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default task-6)
>>>>>>>>> JtaTransactionWrapper  commit
>>>>>>>>> 2017-04-25 09:56:17,573 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default task-6)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *After authentication to portal2**
>>>>>>>>> *
>>>>>>>>> 2017-04-25 09:56:29,001 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-4) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:56:29,001 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-4) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:56:29,001 DEBUG 
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-4) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/Demo/login-actions/authenticate
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-4)
>>>>>>>>> authenticationAction
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> processAction: dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> check: auth-cookie requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> check: auth-spnego requirement: DISABLED
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> check: identity-provider-redirector requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> check: null requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> processAction: dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> check: auth-username-password-form requirement: REQUIRED
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> action: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:29,099 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> authenticator SUCCESS: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> check execution: auth-otp-form requirement: OPTIONAL
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> authenticator: auth-otp-form
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>> [org.keycloak.authentication.DefaultAuthenticationFlow] 
>>>>>>>>> (default task-4)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>> [org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl] 
>>>>>>>>>
>>>>>>>>> (default task-4) Hibernate RegisteredSynchronization successfully
>>>>>>>>> registered with JTA platform
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG [org.hibernate.SQL] (default 
>>>>>>>>> task-4)
>>>>>>>>>       select
>>>>>>>>>           roleentity0_.ID as col_0_0_
>>>>>>>>>       from
>>>>>>>>>           KEYCLOAK_ROLE roleentity0_
>>>>>>>>>       where
>>>>>>>>>           roleentity0_.CLIENT_ROLE=0
>>>>>>>>>           and roleentity0_.NAME=?
>>>>>>>>>           and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:56:29,101 DEBUG
>>>>>>>>> [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] 
>>>>>>>>> (default
>>>>>>>>> task-4) MySqlDS: getConnection(null,
>>>>>>>>> WrappedConnectionRequestInfo at 4570d800[userName=KeycloakUSR]) 
>>>>>>>>> [0/20]
>>>>>>>>> 2017-04-25 09:56:29,102 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release from 
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:56:29,103 DEBUG [org.hibernate.SQL] (default 
>>>>>>>>> task-4)
>>>>>>>>>       select
>>>>>>>>>           roleentity0_.ID as col_0_0_
>>>>>>>>>       from
>>>>>>>>>           KEYCLOAK_ROLE roleentity0_
>>>>>>>>>       where
>>>>>>>>>           roleentity0_.CLIENT_ROLE=0
>>>>>>>>>           and roleentity0_.NAME=?
>>>>>>>>>           and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:56:29,103 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release from 
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:56:29,103 DEBUG [org.hibernate.SQL] (default 
>>>>>>>>> task-4)
>>>>>>>>>       select
>>>>>>>>>           roleentity0_.ID as col_0_0_
>>>>>>>>>       from
>>>>>>>>>           KEYCLOAK_ROLE roleentity0_
>>>>>>>>>       where
>>>>>>>>>           roleentity0_.CLIENT_ROLE=0
>>>>>>>>>           and roleentity0_.NAME=?
>>>>>>>>>           and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:56:29,104 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release from 
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:56:29,104 DEBUG [org.keycloak.events] (default 
>>>>>>>>> task-4)
>>>>>>>>> type=LOGIN, realmId=Demo, clientId=moodle2,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f, 
>>>>>>>>> ipAddress=192.168.0.27,
>>>>>>>>> auth_method=openid-connect, auth_type=code,
>>>>>>>>> redirect_uri=https://localhost/moodle2iam/auth/oidc/,
>>>>>>>>> consent=no_consent_required,
>>>>>>>>> code_id=cffeac69-54fc-4d19-be81-36f0f19ce1ef, username=testuser
>>>>>>>>> 2017-04-25 09:56:29,104 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-4)
>>>>>>>>> Removing old user session: session: 
>>>>>>>>> 431cecf6-5a6b-4bbc-9467-3f52eff8090f
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-4)
>>>>>>>>> Create login cookie - name: KEYCLOAK_IDENTITY, path: 
>>>>>>>>> /auth/realms/Demo,
>>>>>>>>> max-age: -1
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-4)
>>>>>>>>> Expiring remember me cookie
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>> [org.keycloak.services.managers.AuthenticationManager] 
>>>>>>>>> (default task-4)
>>>>>>>>> Expiring cookie: KEYCLOAK_REMEMBER_ME path: /auth/realms/Demo
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>> [org.keycloak.protocol.oidc.OIDCLoginProtocol] (default task-4)
>>>>>>>>> redirectAccessCode: state: WUCTMXokISFDbFN
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default task-4)
>>>>>>>>> JtaTransactionWrapper  commit
>>>>>>>>> 2017-04-25 09:56:29,106 DEBUG
>>>>>>>>> [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] 
>>>>>>>>> (default
>>>>>>>>> task-4) MySqlDS: returnConnection(4edba62b, false) [0/20]
>>>>>>>>> 2017-04-25 09:56:29,106 DEBUG
>>>>>>>>> [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] 
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release from 
>>>>>>>>> afterTransaction
>>>>>>>>> 2017-04-25 09:56:29,106 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default task-4)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:56:29,626 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-13) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:56:29,626 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-13) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG 
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-13) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/token
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor] (default 
>>>>>>>>> task-13)
>>>>>>>>> AUTHENTICATE CLIENT
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>> [org.keycloak.authentication.ClientAuthenticationFlow] 
>>>>>>>>> (default task-13)
>>>>>>>>> client authenticator: client-secret
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>> [org.keycloak.authentication.ClientAuthenticationFlow] 
>>>>>>>>> (default task-13)
>>>>>>>>> client authenticator SUCCESS: client-secret
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>> [org.keycloak.authentication.ClientAuthenticationFlow] 
>>>>>>>>> (default task-13)
>>>>>>>>> Client moodle2 authenticated by client-secret
>>>>>>>>> 2017-04-25 09:56:29,656 DEBUG [org.keycloak.events] (default 
>>>>>>>>> task-13)
>>>>>>>>> type=CODE_TO_TOKEN, realmId=Demo, clientId=moodle2,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f, 
>>>>>>>>> ipAddress=153.109.152.213,
>>>>>>>>> token_id=ff9b3385-1362-4559-ad53-05317755b280,
>>>>>>>>> grant_type=authorization_code, refresh_token_type=Refresh,
>>>>>>>>> refresh_token_id=356011d7-e9fa-4c90-9368-a7627a445bc7,
>>>>>>>>> code_id=cffeac69-54fc-4d19-be81-36f0f19ce1ef,
>>>>>>>>> client_auth_method=client-secret
>>>>>>>>> 2017-04-25 09:56:29,656 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-13)
>>>>>>>>> JtaTransactionWrapper  commit
>>>>>>>>> 2017-04-25 09:56:29,656 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper] (default 
>>>>>>>>> task-13)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:56:29,660 DEBUG [io.undertow.request.io] 
>>>>>>>>> (default I/O-1)
>>>>>>>>> Error reading request: java.io.IOException: Connection reset 
>>>>>>>>> by peer
>>>>>>>>>           at sun.nio.ch.FileDispatcherImpl.read0(Native Method)
>>>>>>>>>           at 
>>>>>>>>> sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
>>>>>>>>>           at 
>>>>>>>>> sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
>>>>>>>>>           at sun.nio.ch.IOUtil.read(IOUtil.java:192)
>>>>>>>>>           at 
>>>>>>>>> sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:380)
>>>>>>>>>           at 
>>>>>>>>> org.xnio.nio.NioSocketConduit.read(NioSocketConduit.java:282)
>>>>>>>>>           at
>>>>>>>>> io.undertow.protocols.ssl.SslConduit.doUnwrap(SslConduit.java:658) 
>>>>>>>>>
>>>>>>>>>           at 
>>>>>>>>> io.undertow.protocols.ssl.SslConduit.read(SslConduit.java:530)
>>>>>>>>>           at
>>>>>>>>> org.xnio.conduits.ConduitStreamSourceChannel.read(ConduitStreamSourceChannel.java:127) 
>>>>>>>>>
>>>>>>>>>           at
>>>>>>>>> io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:152) 
>>>>>>>>>
>>>>>>>>>           at
>>>>>>>>> io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:130) 
>>>>>>>>>
>>>>>>>>>           at
>>>>>>>>> io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:56) 
>>>>>>>>>
>>>>>>>>>           at
>>>>>>>>> org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) 
>>>>>>>>>
>>>>>>>>>           at
>>>>>>>>> org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) 
>>>>>>>>>
>>>>>>>>>           at
>>>>>>>>> io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1059) 
>>>>>>>>>
>>>>>>>>>           at
>>>>>>>>> org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:88) 
>>>>>>>>>
>>>>>>>>>           at org.xnio.nio.WorkerThread.run(WorkerThread.java:559)
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>



More information about the keycloak-user mailing list