[keycloak-user] Could not obtain configuration from server

Pedro Igor Silva psilva at redhat.com
Mon Apr 2 08:16:23 EDT 2018 

You can check if the token was issued with the roles you defined in
web.xml/security-constraint.

On Thu, Mar 29, 2018 at 11:20 AM, Filip Kozjak <filip.kozjak at gmail.com>
wrote:

> Thank you Pedro,
>
> indeed it was a version issue, I was using the older version of Keycloak.
> However, after resolving this issue I've encountered a new one with always
> getting a *401 Unauthorized* response from the service.
>
> The client code that is calling the service is this:
>
> *String accessToken = AuthzClient.create().obtainAccessToken.getToken();*
> WebTarget target = client.target("url");
> MyResponse res = target.request(MediaType.APPLICATION_JSON).*header("Authorization",
> "Bearer " + accessToken)*.post(MyResponse.class);
>
> keycloak.json SERVICE
>
> {
>   "realm": "demo",
>   "bearer-only": true,
>   "auth-server-url": "http://127.0.0.1:8780/auth",
>   "ssl-required": "external",
>   "resource": "risk-assessment-service",
>   "confidential-port": 0
> }
>
>
> keycloak.json CLIENT
>
> {
>   "realm": "demo",
>   "auth-server-url": "http://127.0.0.1:8780/auth",
>   "ssl-required": "false",
>   "resource": "risk-assessment-client",
>   "credentials": {
>     "secret": "98f93f5e-e20a-433c-b29a-d3f9cab4bb44"
>   },
>   "confidential-port": 0
> }
>
> Could the problem be something with SSL? Because my service is not
> available on https:// endpoints? Or is the calling code not correct?
>
>
>
> On 29 March 2018 at 14:07, Pedro Igor Silva <psilva at redhat.com> wrote:
>
>> What version of Keycloak are you using ? Perhaps, Keycloak v4 ?
>>
>> If so, you need to make sure your keycloak-authz dependency references
>> the same version.
>>
>> The uma-configuration discovery endpoint changed to uma2-configuration.
>>
>> Regards.
>> Pedro Igor
>>
>> On Thu, Mar 29, 2018 at 4:21 AM, Filip Kozjak <filip.kozjak at gmail.com>
>> wrote:
>>
>>> Hi everyone,
>>>
>>> I am having troubles obtaining access token for my Java EE REST service
>>> from Keycloak.
>>>
>>> I have started Keycloak server at *http://localhost <http://localhost>*,
>>> and I can access the admin console at
>>> *http://localhost:8081/auth/admin/master/console/#/realms/demo
>>> <http://localhost:8081/auth/admin/master/console/#/realms/demo>.*
>>>
>>> Next, I created a new realm "demo" and registered my REST service there.
>>> I've copied the generated *keycloak.json *to the WEB-INF of my service
>>> and
>>> added what was needed to web.xml. This successfully protected my
>>> endpoint.
>>> My REST service is up and running on *http://localhost:8080/
>>> <http://localhost:8080/>.*
>>>
>>> However, now I want to set up a client that would be authorized to access
>>> the protected endpoint. The client is running at *http://localhost:9080
>>> <http://localhost:9080>. *Again, it's a Java EE REST service that talks
>>> to
>>> the protected service. I registered it as *OAuth Client* in the admin
>>> console and again copied the *keycloak.json* to the resources of my app.
>>> I
>>> am trying to obtain the access token like this:
>>>
>>> AuthzClient authz = AuthzClient.create();
>>> AccessTokenResponse tokenResponse = authzClient.obtainAccessToken();
>>>
>>> This results in the following error:
>>>
>>> java.lang.RuntimeException: Could not obtain configuration from server [
>>> http://localhost:8081/auth/realms/demo/.well-known/uma-configuration]
>>> .<br>
>>> <div id="stack">at
>>> org.keycloak.authorization.client.AuthzClient.<init>(AuthzCl
>>> ient.java:92)<br>at
>>> org.keycloak.authorization.client.AuthzClient.create(AuthzCl
>>> ient.java:60)<br>at
>>> org.keycloak.authorization.client.AuthzClient.create(AuthzCl
>>> ient.java:53)<br>at
>>> hr.assecosee.three_ds_2.risk.services.ProxyServiceImpl.invok
>>> eRiskLevelApi(ProxyServiceImpl.java:28)<br>at
>>> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<br>at
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)<br>at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)<br>at
>>> java.lang.reflect.Method.invoke(Method.java:498)<br>at
>>> com.ibm.ejs.container.EJSContainer.invokeProceed(EJSContaine
>>> r.java:5316)<br>...
>>> 16 more<br>
>>> </div>Caused by:
>>> org.keycloak.authorization.client.util.HttpResponseException: Unexpected
>>> response from server: 404 / Not Found<br>
>>>
>>> I posted a question about it on StackOverflow too:
>>> https://stackoverflow.com/questions/49534589/404-not-found-w
>>> hile-requesting-token-from-keycloak
>>>
>>> Is there something I am missing?
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>

More information about the keycloak-user mailing list