<div dir="ltr">I tried deploying it onto a local wildfly in domain without the SSL enabled and it worked. What I can&#39;t figure it out is why the SSL is causing conflict and how to solve this, I can&#39;t simply disable the SSL.<div><br></div><div>Regards</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 19, 2014 at 11:28 AM, Stan Silvert <span dir="ltr">&lt;<a href="mailto:ssilvert@redhat.com" target="_blank">ssilvert@redhat.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <div>Have you tried it using the two servers
      but without SSL?<br>
      <br>
      You can set ssl-required to &quot;none&quot; on the adapter (application)
      side.  Also on the Keycloak server side, try setting Access Type
      to &quot;public&quot;.  Do one of those at a time and see if either causes
      it to work.  That might narrow it down a bit.<div><div class="h5"><br>
      <br>
      On 11/19/2014 11:29 AM, Fabián Silva wrote:<br>
    </div></div></div><div><div class="h5">
    <blockquote type="cite">
      <div dir="ltr">
        <div>Hi,</div>
        <div>I&#39;m running out of ideas in here. In simple terms I got a
          Wildfly running on domain on a server and a keycloak on
          another server. I set the adapters on my wildfly and deploy,
          to this wildfly, a web app that uses keycloak. When I try to
          access the web app it displays the keycloak login, it
          validates the users ok, but when you access with a correct
          user and password it shows the &quot;403 - Forbidden&quot;. At first I
          thought it was some issue with the roles, but that didn&#39;t fix
          it.</div>
        <div><br>
        </div>
        <div>Regards</div>
        <div class="gmail_extra"><br>
          <div class="gmail_quote">On Fri, Nov 14, 2014 at 10:20 AM,
            Fabián Silva <span dir="ltr">&lt;<a href="mailto:afsg77@gmail.com" target="_blank">afsg77@gmail.com</a>&gt;</span>
            wrote:<br>
            <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
              <div dir="ltr">
                <div>Hi,</div>
                <div>It is already set to use the absolute path. And the
                  keycloak is working when I deploy the application to
                  my local wildfly domain. The issue is when I try to
                  deploy to another wildfly in domain mode on a separate
                  server. The application is the same and the only
                  difference I can tell from the two wildflys is that
                  the local don&#39;t have the SSL/HTTPS enabled. I have the
                  keycloak adapter set in both domains.</div>
                <div><br>
                </div>
                <div>I&#39;m trying to trace those errors on the keycloak
                  code to try to understand what is happening, but I
                  haven&#39;t been so lucky with this.</div>
                <div><br>
                </div>
                <div>Regards</div>
                <div>Alejandro Fabián Silva Grifé</div>
              </div>
              <div>
                <div>
                  <div class="gmail_extra"><br>
                    <div class="gmail_quote">On Fri, Nov 14, 2014 at
                      2:27 AM, Marek Posolda <span dir="ltr">&lt;<a href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>&gt;</span>
                      wrote:<br>
                      <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                        <div bgcolor="#FFFFFF" text="#000000">
                          <div>Hi,<br>
                            <br>
                            it failed on the adapter (application) side
                            and error 404 means &quot;Not found&quot;. So adapter
                            can&#39;t find the keycloak server to turn code
                            into token. Make sure to configure
                            &quot;auth-server-url&quot; in keycloak.json for your
                            application properly. If relative uri
                            doesn&#39;t work for some reason, you can rather
                            try to use absolute uri for auth-server-url
                            like <a href="https://localhost:8443/auth" target="_blank">&quot;https://localhost:8443/auth&quot;</a>
                            .<br>
                            <br>
                            Marek
                            <div>
                              <div><br>
                                <br>
                                On 14.11.2014 01:31, Fabián Silva wrote:<br>
                              </div>
                            </div>
                          </div>
                          <blockquote type="cite">
                            <div>
                              <div>
                                <div dir="ltr">
                                  <div>I have a keycloak installed on
                                    wildfly standalone. I&#39;m trying to
                                    deploy an application, that use this
                                    keycloak, on a separate server with
                                    wilflly running on domain mode. I
                                    tried first to deploy on a domain
                                    out of the box on my local machine,
                                    setting the
                                    keycloak-wildfly-adapter-dist-1.0.4.Final.
                                    It deploys fine and does the
                                    authentication without any issues.
                                    When I try to migrate it to the
                                    server running my wilfly (also in
                                    domain mode and the keycloak adapter
                                    set), it deploys fine and shows the
                                    keycloak login once you enter the
                                    application. But the problem is that
                                    when you login it displays a &quot;403 -
                                    Forbidden&quot; and on the log I&#39;m
                                    seeing </div>
                                  <div>ERROR
                                    [org.keycloak.adapters.OAuthRequestAuthenticator]
                                    (default task-6) failed to turn code
                                    into token</div>
                                  <div>ERROR
                                    [org.keycloak.adapters.OAuthRequestAuthenticator]
                                    (default task-6) status from server:
                                    404</div>
                                  <div>The only difference between those
                                    two wildfly domain mode is that in
                                    the local I don&#39;t have the the
                                    SSL/HTTPS enabled.</div>
                                  <div><br>
                                  </div>
                                  <div>Have anyone seen this error? or
                                    have an idea of what this could be?</div>
                                  <div><br>
                                  </div>
                                  <div>Regards</div>
                                </div>
                                <br>
                                <fieldset></fieldset>
                                <br>
                              </div>
                            </div>
                            <pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
                          </blockquote>
                          <br>
                        </div>
                      </blockquote>
                    </div>
                    <br>
                  </div>
                </div>
              </div>
            </blockquote>
          </div>
          <br>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
  </div></div></div>

<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>