[keycloak-user] KeycloakPrincipal ClassCastException

Brent Vaughn Vaughn at climatecontrolgroup.com
Thu Mar 9 21:54:27 EST 2017 

The keycloak libraries are in my subsystem.  When I include Keycloak jars in my EAR, I get the ClassCastException.  When I don't include the Keycloak jars in my EAR, I get a java.lang.NoClassDefFoundError: org/keycloak/KeycloakPrincipal exception


Here is my Dockerfile I use as my base image.  It has the Keycloak adapter in it.


FROM openjdk:8u121-jdk

USER root

ENV WILDFLY_VERSION 10.1.0.Final
ENV WILDFLY_SHA1 9ee3c0255e2e6007d502223916cefad2a1a5e333
ENV JBOSS_HOME /opt/jboss/wildfly
ENV FILEBEAT_DEB filebeat-5.0.0-amd64.deb
ENV KEYCLOAK_VERSION 2.5.4.Final

# Add the WildFly distribution to /opt, and make wildfly the owner of the extracted tar content
# Make sure the distribution is available from a well-known place
RUN cd $HOME \
    && curl -O https://download.jboss.org/wildfly/$WILDFLY_VERSION/wildfly-$WILDFLY_VERSION.tar.gz \
    && sha1sum wildfly-$WILDFLY_VERSION.tar.gz | grep $WILDFLY_SHA1 \
    && tar xf wildfly-$WILDFLY_VERSION.tar.gz \
    && mkdir -p $JBOSS_HOME \
    && mv $HOME/wildfly-$WILDFLY_VERSION/* $JBOSS_HOME \
    && rm wildfly-$WILDFLY_VERSION.tar.gz

# Ensure signals are forwarded to the JVM process correctly for graceful shutdown
ENV LAUNCH_JBOSS_IN_BACKGROUND true

EXPOSE 8080

RUN apt-get update -y \
 && curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/$FILEBEAT_DEB \
 && dpkg -i $FILEBEAT_DEB \
 && apt-get install -y swaks \
 && mkdir -p /etc/pki/tls/certs \
 && ln -fs /usr/share/zoneinfo/US/Central /etc/localtime && dpkg-reconfigure -f noninteractive tzdata \
 && rm $FILEBEAT_DEB


#Keycloak Adapter
WORKDIR /opt/jboss/wildfly
RUN curl -L https://downloads.jboss.org/keycloak/$KEYCLOAK_VERSION/adapters/keycloak-oidc/keycloak-wildfly-adapter-dist-$KEYCLOAK_VERSION.tar.gz | tar zx
WORKDIR /opt/jboss

# Standalone.xml modifications.
RUN sed -i -e 's/<extensions>/&\n        <extension module="org.keycloak.keycloak-adapter-subsystem"\/>/' $JBOSS_HOME/standalone/configuration/standalone.xml && \
    sed -i -e 's/<profile>/&\n        <subsystem xmlns="urn:jboss:domain:keycloak:1.1"\/>/' $JBOSS_HOME/standalone/configuration/standalone.xml && \
    sed -i -e 's/<security-domains>/&\n                <security-domain name="keycloak">\n                    <authentication>\n                        <login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"\/>\n                    <\/authentication>\n                <\/security-domain>/' $JBOSS_HOME/standalone/configuration/standalone.xml

# Standalone-full.xml modifications.
RUN sed -i -e 's/<extensions>/&\n        <extension module="org.keycloak.keycloak-adapter-subsystem"\/>/' $JBOSS_HOME/standalone/configuration/standalone-full.xml && \
    sed -i -e 's/<profile>/&\n        <subsystem xmlns="urn:jboss:domain:keycloak:1.1"\/>/' $JBOSS_HOME/standalone/configuration/standalone-full.xml && \
    sed -i -e 's/<security-domains>/&\n                <security-domain name="keycloak">\n                    <authentication>\n                        <login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"\/>\n                    <\/authentication>\n                <\/security-domain>/' $JBOSS_HOME/standalone/configuration/standalone-full.xml




________________________________

From: John D. Ament <john.d.ament at gmail.com>
Sent: Thursday, March 9, 2017 8:14:11 PM
To: Brent Vaughn; Bill Burke; keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] KeycloakPrincipal ClassCastException

This sounds like you're ending up with duplicate keycloak libraries on your classpath.  Did you include the keycloak client subsystem?  Are the keycloak libraries also ending up in your EAR or WAR?

On Thu, Mar 9, 2017 at 9:12 PM Brent Vaughn <Vaughn at climatecontrolgroup.com<mailto:Vaughn at climatecontrolgroup.com>> wrote:
Yes.  But it is an Ear file instead of a War file.  A separate jar in an Ear file.
________________________________
From: keycloak-user-bounces at lists.jboss.org<mailto:keycloak-user-bounces at lists.jboss.org> <keycloak-user-bounces at lists.jboss.org<mailto:keycloak-user-bounces at lists.jboss.org>> on behalf of Bill Burke <bburke at redhat.com<mailto:bburke at redhat.com>>
Sent: Thursday, March 9, 2017 7:06:00 PM
To: keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
Subject: Re: [keycloak-user] KeycloakPrincipal ClassCastException

What do you mean "separate jar"?  A jar in the WAR?


On 3/9/17 6:49 PM, Brent Vaughn wrote:
> Using KeyCloak 2.5.4 and Wildfly 10.1.0
>
> I am attempting to create a JSF component that involves Keycloak.  I am getting this exception:
>
> java.lang.ClassCastException: org.keycloak.KeycloakPrincipal cannot be cast to org.keycloak.KeycloakPrincipal
>
>
> Below is the line of code that throws the exception.
>
> public void encodeBegin(FacesContext context) {
> ..........
> KeycloakPrincipal<KeycloakSecurityContext> kp = (KeycloakPrincipal<KeycloakSecurityContext>) context.getExternalContext().getUserPrincipal();
> ..........
> }
>
>
> Funny thing is this.  The exception is only thrown when the JSF Component is in a separate jar and then added to the project.  If I put the code in question directly in the project, it doesn't throw the exception.
>
> Can anyone help me with this?
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user

_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list