[keycloak-user] [keycloak-dev] Unable to connect to an external datasource for a protocol mapper

Thomas Darimont thomas.darimont at googlemail.com
Wed Sep 11 18:40:56 EDT 2019


Hi Thomas,

I think a more suitable list for this kind of question is the
keycloak-users mailing list.

I think in your case you can reduce your example to a single ejb-jar
deployment.
Furthermore, you can refer to a datasource configured in WildFly via JNDI
instead of providing your own datasource via persistence.xml.
See:
https://github.com/thomasdarimont/keycloak-bug-entity-manager-tokenEnhancer/blob/poc/single-ejb-jar-deployment/tokenEnhancerModule/src/main/resources/META-INF/persistence.xml

The trick to get a custom EntityManager injected into a component is to
turn the component into an EJB and access it via JNDI, e.g.:

...
@Stateless
@Local
public class UserRepository {

    @PersistenceContext(unitName = "UserPU")
    protected EntityManager entityManager;

    public Object getData() {
        // implement your query
        return entityManager != null ? "data" : null;
    }
}

Then you can use JNDI to look up the bean in your custom ProtocolMapper,
e.g.:

    private UserRepository getUserRepository() {
        try {
            // Module name = file name of the deployed JAR, without the ".jar" suffix
            String moduleName = new File(getClass().getProtectionDomain().getCodeSource().getLocation().getFile())
                    .getName().replaceAll("\\.jar$", "");
            // Global JNDI name of the EJB: java:global/<module>/<bean class>
            String jndiName = String.format("java:global/%s/%s", moduleName, UserRepository.class.getSimpleName());
            return (UserRepository) new InitialContext().lookup(jndiName);
        } catch (NamingException e) {
            throw new RuntimeException(e);
        }
    }

With those changes I could run your example:
https://github.com/thomasdarimont/keycloak-bug-entity-manager-tokenEnhancer/tree/poc/single-ejb-jar-deployment

See:
https://github.com/thomasdarimont/keycloak-bug-entity-manager-tokenEnhancer/blob/poc/single-ejb-jar-deployment/tokenEnhancerModule/src/main/java/business/KeycloakTokenEnhancer.java#L48

Cheers,
Thomas
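
An added example, not part of the original mail or the linked repository: one way the `// implement your query` placeholder in `UserRepository` could be filled in so that values from the external database reach the token safely. The method `findClaims`, the table `user_claims` with its columns, `MAX_CLAIMS` and `RESERVED` are hypothetical names chosen for illustration.

```java
package business; // assumption: same package as the mapper linked on the page

import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.ejb.Local;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

@Stateless
@Local
public class UserRepository {

    // Hypothetical cap on how many rows may be copied into one token
    private static final int MAX_CLAIMS = 50;

    // Registered JWT claim names (RFC 7519) that the external table must never override
    private static final Set<String> RESERVED = new HashSet<>(Arrays.asList(
            "iss", "sub", "aud", "exp", "nbf", "iat", "jti"));

    // Injected by the container because this class is an EJB; UserPU points at
    // the datasource configured in WildFly, so no credentials live in the JAR
    @PersistenceContext(unitName = "UserPU")
    protected EntityManager entityManager;

    /** Returns the extra claims stored for one user, or an empty map. */
    public Map<String, String> findClaims(String username) {
        Map<String, String> claims = new LinkedHashMap<>();
        if (username == null || username.isEmpty()) {
            return claims;
        }
        // Positional binding: the username is sent as a parameter and never
        // concatenated into the SQL text (table and columns are hypothetical)
        @SuppressWarnings("unchecked")
        List<Object[]> rows = entityManager
                .createNativeQuery(
                        "SELECT claim_name, claim_value FROM user_claims WHERE username = ?1")
                .setParameter(1, username)
                .setMaxResults(MAX_CLAIMS)
                .getResultList();
        for (Object[] row : rows) {
            String name = (String) row[0];
            // Skip rows that would replace a standard token claim
            if (name != null && !RESERVED.contains(name)) {
                claims.put(name, (String) row[1]);
            }
        }
        return claims;
    }
}
```
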

On Wed, 11 Sep 2019 at 20:47, Thomas <tlann at technoeclectic.com> wrote:

> I'm a little inexperienced when it comes to Java EE.  So let me apologize
> because I'm guessing this will be a small setup mistake.  I've set up
> databases for applications but I'm having a really tough time with
> connecting to one for a Keycloak module.  The database exists separate from
> Keycloak's user db and a LDAP/AD because other services for our application
> need to access the claims database through rabbitmq and rest services.
>
> I'm able to set up a datasource in WildFly and verify it can connect to the
> database.  So I know the connection info is good.  The module successfully
> deploys to Keycloak.  When the Protocol Mapper is run, I only try checking
> the nullity of the EntityManager that should be injected as well as one
> that gets created from the PU by hand.  The injected em is null and the one
> created on the spot throws an exception about being unable to find the
> persistence.xml file.
>
> What are some good troubleshooting techniques for developing in Keycloak?
> Is it more appropriate to turn up the hibernate logger in Keycloak or
> Wildfly?
>
> Could someone take a look at an example and give me some advice?
> A code example is at https://github.com/tlann/tokenEnhancer.git
>
> The deployment log and exception are as follows
>
> Thanks,
> Thomas
>
> 17:06:51,406 INFO  [org.jboss.as.server.deployment] (MSC service thread
> 1-4) WFLYSRV0027: Starting deployment of
> "token-enhancer-ear-1.0.0-SNAPSHOT.ear" (runtime-name:
> "token-enhancer-ear-1.0.0-SNAPSHOT.ear")
> 17:06:51,493 INFO  [org.jboss.as.server.deployment] (MSC service thread
> 1-2) WFLYSRV0207: Starting subdeployment (runtime-name:
> "com.example.security-token-enhancer-module-1.0.0-SNAPSHOT.jar")
> 17:06:51,497 INFO  [org.jboss.as.jpa] (MSC service thread 1-4) WFLYJPA0002:
> Read persistence.xml for UserPU
> 17:06:51,514 INFO  [org.jboss.as.jpa] (MSC service thread 1-4) WFLYJPA0002:
> Read persistence.xml for UserPU
> 17:06:51,539 WARN  [org.jboss.as.dependency.private] (MSC service thread
> 1-1) WFLYSRV0018: Deployment
> "deployment.token-enhancer-ear-1.0.0-SNAPSHOT.ear.com.example.security-token-enhancer-module-1.0.0-SNAPSHOT.jar"
> is using a private module ("org.keycloak.keycloak-services") which may be
> changed or removed in future versions without notice.
> 17:06:51,553 WARN  [org.jboss.as.dependency.private] (MSC service thread
> 1-4) WFLYSRV0018: Deployment
> "deployment.token-enhancer-ear-1.0.0-SNAPSHOT.ear" is using a private
> module ("org.keycloak.keycloak-services") which may be changed or removed
> in future versions without notice.
> 17:06:51,555 INFO  [org.jboss.as.jpa] (ServerService Thread Pool -- 81)
> WFLYJPA0010: Starting Persistence Unit (phase 1 of 2) Service
> 'token-enhancer-ear-1.0.0-SNAPSHOT.ear/com.example.security-token-enhancer-module-1.0.0-SNAPSHOT.jar#UserPU'
> 17:06:51,555 INFO  [org.hibernate.jpa.internal.util.LogHelper]
> (ServerService Thread Pool -- 81) HHH000204: Processing PersistenceUnitInfo
> [
>         name: UserPU
>         ...]
> 17:06:51,575 INFO  [org.jboss.weld.deployer] (MSC service thread 1-3)
> WFLYWELD0003: Processing weld deployment
> token-enhancer-ear-1.0.0-SNAPSHOT.ear
> 17:06:51,599 INFO  [org.jboss.as.jpa] (ServerService Thread Pool -- 82)
> WFLYJPA0010: Starting Persistence Unit (phase 1 of 2) Service
> 'token-enhancer-ear-1.0.0-SNAPSHOT.ear#UserPU'
> 17:06:51,599 INFO  [org.hibernate.jpa.internal.util.LogHelper]
> (ServerService Thread Pool -- 82) HHH000204: Processing PersistenceUnitInfo
> [
>         name: UserPU
>         ...]
> 17:06:51,643 INFO
>  [org.keycloak.subsystem.server.extension.KeycloakProviderDeploymentProcessor]
> (MSC service thread 1-3) Deploying Keycloak provider:
> com.example.security-token-enhancer-module-1.0.0-SNAPSHOT.jar
> 17:06:51,678 WARN  [org.keycloak.services] (MSC service thread 1-3)
> KC-SERVICES0047: oidc-token-enhancer-mapper
> (business.KeycloakTokenEnhancer) is implementing the internal SPI
> protocol-mapper. This SPI is internal and may change without notice
> 17:06:51,701 INFO  [org.jboss.weld.deployer] (MSC service thread 1-3)
> WFLYWELD0003: Processing weld deployment
> com.example.security-token-enhancer-module-1.0.0-SNAPSHOT.jar
> 17:06:51,779 INFO  [org.jboss.as.jpa] (ServerService Thread Pool -- 81)
> WFLYJPA0010: Starting Persistence Unit (phase 2 of 2) Service
> 'token-enhancer-ear-1.0.0-SNAPSHOT.ear/com.example.security-token-enhancer-module-1.0.0-SNAPSHOT.jar#UserPU'
> 17:06:51,780 INFO  [org.hibernate.dialect.Dialect] (ServerService Thread
> Pool -- 81) HHH000400: Using dialect:
> org.hibernate.dialect.PostgreSQL95Dialect
> 17:06:51,797 INFO
>  [org.hibernate.engine.jdbc.env.internal.LobCreatorBuilderImpl]
> (ServerService Thread Pool -- 81) HHH000424: Disabling contextual LOB
> creation as createClob() method threw error :
> java.lang.reflect.InvocationTargetException
> 17:06:51,797 INFO  [org.hibernate.type.BasicTypeRegistry] (ServerService
> Thread Pool -- 81) HHH000270: Type registration [java.util.UUID] overrides
> previous : org.hibernate.type.UUIDBinaryType at 3e14892a
> 17:06:51,801 INFO  [org.hibernate.envers.boot.internal.EnversServiceImpl]
> (ServerService Thread Pool -- 81) Envers integration enabled? : true
> 17:06:51,820 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 81) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,820 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 81) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,821 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 81) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,821 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 81) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,854 INFO  [org.jboss.as.jpa] (ServerService Thread Pool -- 82)
> WFLYJPA0010: Starting Persistence Unit (phase 2 of 2) Service
> 'token-enhancer-ear-1.0.0-SNAPSHOT.ear#UserPU'
> 17:06:51,855 INFO  [org.hibernate.dialect.Dialect] (ServerService Thread
> Pool -- 82) HHH000400: Using dialect:
> org.hibernate.dialect.PostgreSQL95Dialect
> 17:06:51,868 INFO
>  [org.hibernate.engine.jdbc.env.internal.LobCreatorBuilderImpl]
> (ServerService Thread Pool -- 82) HHH000424: Disabling contextual LOB
> creation as createClob() method threw error :
> java.lang.reflect.InvocationTargetException
> 17:06:51,869 INFO  [org.hibernate.type.BasicTypeRegistry] (ServerService
> Thread Pool -- 82) HHH000270: Type registration [java.util.UUID] overrides
> previous : org.hibernate.type.UUIDBinaryType at 3e14892a
> 17:06:51,873 INFO  [org.hibernate.envers.boot.internal.EnversServiceImpl]
> (ServerService Thread Pool -- 82) Envers integration enabled? : true
> 17:06:51,882 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 82) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,882 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 82) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,882 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 82) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,883 WARN
>  [org.infinispan.hibernate.cache.v53.InfinispanRegionFactory]
> (ServerService Thread Pool -- 82) HHH025030: Transactional caches are not
> supported. The configuration option will be ignored; please unset.
> 17:06:51,982 INFO  [io.smallrye.metrics] (MSC service thread 1-1)
> MicroProfile: Metrics activated
> 17:06:52,273 INFO  [org.jboss.as.server] (DeploymentScanner-threads - 2)
> WFLYSRV0010: Deployed "token-enhancer-ear-1.0.0-SNAPSHOT.ear" (runtime-name
> : "token-enhancer-ear-1.0.0-SNAPSHOT.ear")
> 17:07:15,373 INFO  [stdout] (default task-16)
> ++++++++++++++++++++++++++++++++
> 17:07:15,380 INFO  [stdout] (default task-16) entityManager is null
> 17:07:15,381 INFO  [org.hibernate.jpa.boot.internal.PersistenceXmlParser]
> (default task-16) HHH000318: Could not find any META-INF/persistence.xml
> file in the classpath
> 17:07:15,381 INFO  [org.hibernate.jpa.boot.internal.PersistenceXmlParser]
> (default task-16) HHH000318: Could not find any META-INF/persistence.xml
> file in the classpath
> 17:07:15,381 INFO  [org.hibernate.jpa.boot.internal.PersistenceXmlParser]
> (default task-16) HHH000318: Could not find any META-INF/persistence.xml
> file in the classpath
> 17:07:15,381 INFO  [org.hibernate.jpa.boot.internal.PersistenceXmlParser]
> (default task-16) HHH000318: Could not find any META-INF/persistence.xml
> file in the classpath
> 17:07:15,381 INFO  [org.hibernate.jpa.boot.internal.PersistenceXmlParser]
> (default task-16) HHH000318: Could not find any META-INF/persistence.xml
> file in the classpath
> 17:07:15,381 ERROR [org.keycloak.services.error.KeycloakErrorHandler]
> (default task-16) Uncaught server error:
> javax.persistence.PersistenceException: No Persistence provider for
> EntityManager named UserPU
>         at javax.persistence.Persistence.createEntityManagerFactory(Persistence.java:85)
>         at javax.persistence.Persistence.createEntityManagerFactory(Persistence.java:54)
>         at business.KeycloakTokenEnhancer.transformAccessToken(KeycloakTokenEnhancer.java:43)
>         at org.keycloak.protocol.oidc.TokenManager.transformAccessToken(TokenManager.java:553)
>         at org.keycloak.protocol.oidc.TokenManager.createClientAccessToken(TokenManager.java:411)
>         at org.keycloak.protocol.oidc.TokenManager$AccessTokenResponseBuilder.generateAccessToken(TokenManager.java:712)
>         at org.keycloak.services.resources.admin.ClientScopeEvaluateResource.generateToken(ClientScopeEvaluateResource.java:206)
>         at org.keycloak.services.resources.admin.ClientScopeEvaluateResource.generateExampleAccessToken(ClientScopeEvaluateResource.java:178)