<div dir="ltr">i managed to resolve the issue by setting. <a id="adapter-config" style="color:rgb(51,51,51);font-family:'Lucida Grande',Geneva,Verdana,Arial,sans-serif;font-size:12px;line-height:18px;text-align:justify"><pre class="" style="font-size:0.9em;font-family:courrier,monospace;overflow:auto;padding:5px 15px 5px 25px;border:1px solid rgb(204,204,204);background-color:rgb(245,245,245)"> "disable-trust-manager": true</pre></a><div class="gmail_extra">now there are 2 more issues.</div><div class="gmail_extra"><br></div><div class="gmail_extra">1) proxy is redirecting to actual app but is not consistent. sometimes can redirect but sometimes prompted a download file.</div><div class="gmail_extra"><br></div><div class="gmail_extra">2) noticed <a id="d4e2056" style="color:rgb(51,51,51);font-family:'Lucida Grande',Geneva,Verdana,Arial,sans-serif;font-size:12px;line-height:18px;text-align:justify"><div class="" style="margin-top:0.6em;display:inline!important"><dl style="display:inline!important"><dt style="font-weight:bold;margin-bottom:0em;padding-bottom:0em;display:inline!important"><span class="">KEYCLOAK_USERNAME is not set in the cookie</span></dt></dl></div></a></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 24, 2015 at 12:25 PM, Chen Keong Yap <span dir="ltr"><<a href="mailto:chenkeong.yap@izeno.com" target="_blank">chenkeong.yap@izeno.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><br><div>i've already added ssl cert to java cacerts. do you have any ideas what went wrong?</div><div><br></div><div><br></div><div><br></div><div><div>INFO: XNIO NIO Implementation Version 3.3.0.Final</div><div>Feb 24, 2015 12:23:54 PM org.keycloak.adapters.OAuthRequestAuthenticator resolve</div><div>Code</div><div>ERROR: failed to turn code into token</div><div>javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated</div><div> at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.ja</div><div>va:397)</div><div> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.jav</div><div>a:128)</div><div> at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFact</div><div>ory.java:572)</div><div> at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnect</div><div>ion(DefaultClientConnectionOperator.java:180)</div><div> at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.ja</div><div>va:151)</div><div> at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPool</div><div>edConnAdapter.java:125)</div><div> at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(Default</div><div>RequestDirector.java:640)</div><div> at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultReq</div><div>uestDirector.java:479)</div><div> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl</div><div>ient.java:906)</div><div> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl</div><div>ient.java:805)</div><div> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl</div><div>ient.java:784)</div><div> at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerReq</div><div>uest.java:122)</div><div> at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerReq</div><div>uest.java:95)</div><div> at org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode(OAuthRequ</div><div>estAuthenticator.java:261)</div><div> at org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(OAuthReq</div><div>uestAuthenticator.java:208)</div><div> at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthen</div><div>ticator.java:90)</div></div></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">On Mon, Feb 23, 2015 at 6:31 PM, Chen Keong Yap <span dir="ltr"><<a href="mailto:chenkeong.yap@izeno.com" target="_blank">chenkeong.yap@izeno.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><p dir="ltr">Just wondering is there any issues with the keycloak proxy. Step 4 and 5 not happening</p>
<div class="gmail_quote"><div><div>On Feb 20, 2015 10:21 PM, "Schneider, John DODGE CONSULTING SERVICES, LLC" <<a href="mailto:John.Schneider@carrier.utc.com" target="_blank">John.Schneider@carrier.utc.com</a>> wrote:<br type="attribution"></div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div>
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal">Hi,<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">I’m also experimenting with the proxy server. Its working perfectly for some target URL’s, but I’m getting 404 errors for other known-valid URL’s. No idea if this is the root cause or not, but I think there’s a correlation between target
servers that serve virtual hosts and require either absolute paths in the HTTP GET, or the Host header as defined in HTTP 1.1. The proxy seems to be fine whenever I can telnet to a server and receive a successful GET response without specifying the host.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Is there any way to trigger proxy logging or more verbose output? This would be very useful for troubleshooting this and other foreseeable issues.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Thanks,<u></u><u></u></p>
<p class="MsoNormal">John<u></u><u></u></p>
</div>
</div>
<br></div></div><span>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
</span><a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div>
</blockquote></div><br></div></div></div></blockquote></div><div class="gmail_signature"><div dir="ltr"><br><div style="text-align:left"><br></div></div></div>
</div></div>