<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On 10 March 2016 at 20:19, Firdos Ali <span dir="ltr"><<a href="mailto:ali@affordabletours.com" target="_blank">ali@affordabletours.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div lang="EN-US" link="#0563C1" vlink="#954F72"><div><p class="MsoNormal">Hello,<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">I am having a few problems with Keycloak. Let me first start with the environment information:<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Keycloak version: 1.9.0<u></u><u></u></p><p class="MsoNormal">Keycloak wildfly version: 10.0.0<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Application wildfly version: 8.0.0<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"><b>Problem 1: EJB error - javax.ejb.EJBAccessException: JBAS013323: Invalid User<u></u><u></u></b></p><p class="MsoNormal">I have followed the documentation by adding the keycloak adapter to the application wildfly 8.0 and by server.xml has the following:<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"><extensions><br> ….<br> <extension module="org.keycloak.keycloak-adapter-subsystem"/><br></extensions><u></u><u></u></p><p class="MsoNormal"><profile><br> <subsystem xmlns="urn:jboss:domain:security:1.2"><br> ….<br> <security-domain name="keycloak"><br> <authentication><br> <login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"/><br> </authentication><br> </security-domain><br> </security-domains><br> </subsystem><br> …<br> <subsystem xmlns="urn:jboss:domain:keycloak:1.1"/><br></profile><u></u><u></u></p><p class="MsoNormal" style="text-autospace:none">MyEJB:<br><span style="font-size:10pt;font-family:Consolas;color:rgb(100,100,100)">@Stateless</span><span style="font-size:10pt;font-family:Consolas"><u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:rgb(100,100,100)">@Local</span><span style="font-size:10pt;font-family:Consolas;color:black">(MyInt.</span><b><span style="font-size:10pt;font-family:Consolas;color:rgb(127,0,85)">class</span></b><span style="font-size:10pt;font-family:Consolas;color:black">)</span><span style="font-size:10pt;font-family:Consolas"><u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:rgb(100,100,100)">@SecurityDomain</span><span style="font-size:10pt;font-family:Consolas;color:black">(</span><span style="font-size:10pt;font-family:Consolas;color:rgb(42,0,255)">"keycloak"</span><span style="font-size:10pt;font-family:Consolas;color:black">)<br></span><b><span style="font-size:10pt;font-family:Consolas;color:rgb(127,0,85)">public</span></b><span style="font-size:10pt;font-family:Consolas;color:black"> </span><b><span style="font-size:10pt;font-family:Consolas;color:rgb(127,0,85)">class</span></b><span style="font-size:10pt;font-family:Consolas;color:black"> MyBean </span><b><span style="font-size:10pt;font-family:Consolas;color:rgb(127,0,85)">implements</span></b><span style="font-size:10pt;font-family:Consolas;color:black"> MyInt <u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black"> ...<u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:rgb(100,100,100)"> @PermitAll</span><span style="font-size:10pt;font-family:Consolas"><u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black"> </span><span style="font-size:10pt;font-family:Consolas;color:rgb(100,100,100)">@TransactionAttribute</span><span style="font-size:10pt;font-family:Consolas;color:black">(TransactionAttributeType.</span><b><i><span style="font-size:10pt;font-family:Consolas;color:rgb(0,0,192)">REQUIRES_NEW</span></i></b><span style="font-size:10pt;font-family:Consolas;color:black">)</span><span style="font-size:10pt;font-family:Consolas"><u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black"> </span><b><span style="font-size:10pt;font-family:Consolas;color:rgb(127,0,85)">public</span></b><span style="font-size:10pt;font-family:Consolas;color:black"> boolean myMethod(...) </span><b><span style="font-size:10pt;font-family:Consolas;color:rgb(127,0,85)">throws</span></b><span style="font-size:10pt;font-family:Consolas;color:black"> Exception {<u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black"> }<u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black"><u></u> <u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black">At the moment I am not using jboss-ej3.xml as I reference the security domain in my EJB class. I added it and it did not help out<u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black"><u></u> <u></u></span></p><p class="MsoNormal" style="text-autospace:none"><span style="font-size:10pt;font-family:Consolas;color:black">Stacktrace:<u></u><u></u></span></p><p class="MsoNormal" style="text-autospace:none">ERROR [org.jboss.as.ejb3.invocation] (default task-13) JBAS014134: EJB Invocation failed on component MyBean for method public abstract boolean com.at.ejb.MyInt.myMethod(…) throws java.lang.Exception: javax.ejb.EJBAccessException: JBAS013323: Invalid User<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:66) [wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:46) [wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:92) [wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) [wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:55) [wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:64)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:448)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:61)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.PrivilegedWithCombinerInterceptor.processInvocation(PrivilegedWithCombinerInterceptor.java:80)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:185)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:182)<u></u><u></u></p><p class="MsoNormal" style="text-autospace:none"> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<u></u><u></u></p><p class="MsoNormal">Is there something I am missing from the documentation? Any thoughts how to resolve this issue?</p></div></div></blockquote><div><br></div><div>Is there a bearer token sent with the request that invokes the EJB? If so try with 1.9.1. Could be <a href="https://issues.jboss.org/browse/KEYCLOAK-2518">https://issues.jboss.org/browse/KEYCLOAK-2518</a> fixes this.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div lang="EN-US" link="#0563C1" vlink="#954F72"><div><p class="MsoNormal"><u></u><u></u></p><p class="MsoNormal"><b>Problem 2: Unable to log out a user from keycloak administration console:<u></u><u></u></b></p><p class="MsoNormal">After I click “Logout” on the administration console in Keycloak, I see the following error on the keycloak server:<u></u><u></u></p><p class="MsoNormal">ERROR [io.undertow.request] (default task-26) UT005023: Exception handling request to /auth/admin/realms/affordabletours/sessions/f1e69f90-03fc-453d-a495-225bb0c429ab: org.jboss.resteasy.spi.UnhandledException: java.lang.NoSuchMethodError: org.apache.http.impl.client.HttpClientBuilder.setConnectionTimeToLive(JLjava/util/concurrent/TimeUnit;)Lorg/apache/http/impl/client/HttpClientBuilder;<br> at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76)</p></div></div></blockquote><div><br></div><div>Are you using the standalone Keycloak server? Looking at javadocs for httpclient setConnectionTimeToLive was added in 4.4. WildFly 10 uses httpclient 4.5, so looks like for some reason you have an old version of httpclient.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div lang="EN-US" link="#0563C1" vlink="#954F72"><div><p class="MsoNormal"><u></u><u></u></p><p class="MsoNormal"><span style="font-size:10pt;font-family:Verdana,sans-serif"><br>Best regards,<br><br></span><a href="http://www.affordabletours.com/" title="blocked::http://www.affordabletours.com/" target="_blank"><b><span style="font-size:10pt;font-family:Verdana,sans-serif;color:blue">AffordableTours.com</span></b></a><br><span style="font-size:10pt;font-family:Verdana,sans-serif">Firdos Ali<br>Senior Project Manager<br>11150 Cash Road</span><br><span style="font-size:10pt;font-family:Verdana,sans-serif">Stafford, TX 77477</span><br><span style="font-size:10pt;font-family:Verdana,sans-serif">Toll Free <a href="tel:%28800%29%20935-2620%20X181" value="+18009352620" target="_blank">(800) 935-2620 X181</a><br>Direct <a href="tel:%28281%29%20269-2681" value="+12812692681" target="_blank">(281) 269-2681</a><br>Fax <a href="tel:%28281%29%20269-2691" value="+12812692691" target="_blank">(281) 269-2691</a><br>E-mail: <a href="mailto:ali@affordabletours.com" title="blocked::mailto:ali@affordabletours.com" target="_blank"><span style="color:blue">ali@affordabletours.com</span></a><br>My Working Hours: Mon - Fri: 09:00AM - 05:00PM CST<u></u><u></u></span></p><p class="MsoNormal" align="center" style="text-align:center"><i><span style="font-size:8pt;font-family:Arial,sans-serif;color:black">NOTICE: This e-mail message, including any attachments, is for the use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the recipient, please contact the sender by reply e-mail and destroy all copies of the original message</span></i><u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p></div></div><br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div></div>