[keycloak-user] NotSerializableException: org.keycloak.adapters.elytron.ElytronAccount

Andrew Murphy andrew.murphy at confido.ie
Wed Nov 21 16:40:07 EST 2018


I've installed the keycloak-wildfly-adapter-dist-4.6.0.Final.zip adapter in
a clean version of WildFly Full 14.0.1.Final, running on Windows 8.1. The
keycloak server is running on a separate port.

When I configure the adapter subsystem (server not running) with the newer
Elytron adapter using

> cd bin
> jboss-cli.bat --file=adapter-elytron-install-offline.cli -Dserver.config=standalone-full.xml

and thereafter attempt to sign into a basic war application I get the
keycloak login page, followed by an error page once credentials are posted.
The server.log reports the following (abbreviated) error stacktrace

2018-11-21 20:17:37,654 ERROR [io.undertow.request] (default task-1)
UT005023: Exception handling request to /curo-crm/:
java.lang.IllegalArgumentException:
org.infinispan.commons.marshall.NotSerializableException:
org.keycloak.adapters.elytron.ElytronAccount
    at
org.wildfly.clustering.web.infinispan.session.coarse.CoarseSessionAttributes.setAttribute(CoarseSessionAttributes.java:71)
[snip]
Caused by: org.infinispan.commons.marshall.NotSerializableException:
org.keycloak.adapters.elytron.ElytronAccount

Now, if I configure the adapter subsystem with the legacy non-Elytron
adapter on WildFly using

> cd bin
> jboss-cli.bat --file=adapter-install-offline.cli -Dserver.config=standalone-full.xml

everything works without errors i.e. I can access the protected web app on
login success.

Question 1: Have I missed something in the server configuration that is
causing the NotSerializableException?
Question 2: The keycloak config documentation recommends the use of the
newer Elytron adapter over the legacy non-Elytron adapter, but gives no
reasoning. Are there drawbacks to using the legacy version?

Thanks


More information about the keycloak-user mailing list