[keycloak-user] KeycloakOIDCFilter infinite loop after authentication
Thomas Isaksen
thomas.isaksen at sysco.no
Tue Jan 23 09:18:42 EST 2018
Anyone? This is the only thing stopping me from throwing out Oracle Access Manager. I need this to work :-)
./t
-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Thomas Isaksen
Sent: mandag 22. januar 2018 14.32
To: keycloak-user at lists.jboss.org
Subject: [keycloak-user] KeycloakOIDCFilter infinite loop after authentication
[This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing]
Hi
I tried sending another mail containing a fiddler log but it bounced for some reason. Anyway,
I have configured the filter on weblogic 12.2.1.3 as follows:
<filter>
<filter-name>Keycloak Filter</filter-name>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
<init-param>
<param-name>keycloak.config.skipPattern</param-name>
<param-value>^(example1|example2|whatever).*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Keycloak Filter</filter-name>
<url-pattern>/keycloak/*</url-pattern>
<url-pattern>/*</url-pattern>
</filter-mapping>
My keycloak.json is located in /WEB-INF/
{
"realm": "Toyota Development",
"auth-server-url": "http://localhost:18080/auth",
"ssl-required": "external",
"resource": "dummyWeb",
"credentials": {
"secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
},
"confidential-port": 0
}
Client config:
Root URL: http://dev.toyota.no:7002/DummyWeb/
Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
Base URL: http://dev.toyota.no:7002/DummyWeb/
Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
Web Origins: http://localhost:8080 (keycloak server) http://dev.toyota.no.no:7002
Looks like I am getting authenticated but browser is stuck in an infinite loop. If I close the browser and try the same URL again it will go into a loop again unless I clear sessions from the keycloak admin console.
You can see the fiddler log or log as text here:
https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRxVVW?usp=sharing
If someone could please have a look at it I would be super happy!
Thanks!
--
Thomas Isaksen
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list