<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Sorry for late response. We were all traveling last week for face
to face meetings.<br>
<br>
Check out this:<br>
<br>
<a class="moz-txt-link-freetext" href="http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#jboss-adapter">http://keycloak.github.io/docs/userguide/keycloak-server/html/ch08.html#jboss-adapter</a><br>
<br>
Look for KeycloakLoginModule You have to set this up in order to
propagate between component layers. I wish we didn't have to
require this extra step, but its just a falacy of the current
Wildfly security architecture.<br>
<br>
<div class="moz-cite-prefix">On 3/18/2016 10:31 AM, Firdos Ali
wrote:<br>
</div>
<blockquote
cite="mid:03e301d18122$e7407f50$b5c17df0$@affordabletours.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">The
EJB is called from the server-side web app. This is a
legacy app using Struts, so after the user logs in from
keycloak they are redirected back to the webapp. The web
application has access to the user, however the EJB does not
find a user and throws back the error.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">I
have the following in my jboss-web.xml:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><?xml
version="1.0" encoding="UTF-8"?><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><jboss-web><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><security-domain>java:/jaas/keycloak</security-domain><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"></jboss-web><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">I
have the following in my jboss-ejb3.xml:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><?xml
version="1.0" encoding="UTF-8"?><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><jboss:ejb-jar<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
xmlns=<a class="moz-txt-link-rfc2396E" href="http://java.sun.com/xml/ns/javaee">"http://java.sun.com/xml/ns/javaee"</a><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
xmlns:jboss=<a class="moz-txt-link-rfc2396E" href="http://www.jboss.com/xml/ns/javaee">"http://www.jboss.com/xml/ns/javaee"</a><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
xmlns:xsi=<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
xmlns:s="urn:security:1.1"<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
version="3.1" impl-version="2.0"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> <assembly-descriptor><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
<s:security><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
<ejb-name>*</ejb-name><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
<s:security-domain>keycloak</s:security-domain><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
<s:run-as-principal></s:run-as-principal><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
<s:missing-method-permissions-deny-access>true</s:missing-method-permissions-deny-access><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
</s:security><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
</assembly-descriptor><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"></jboss:ejb-jar><o:p></o:p></span></p>
<p class="MsoNormal"><a moz-do-not-send="true"
name="_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></a></p>
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">
Stian Thorgersen [<a class="moz-txt-link-freetext" href="mailto:sthorger@redhat.com">mailto:sthorger@redhat.com</a>] <br>
<b>Sent:</b> Friday, March 18, 2016 7:05 AM<br>
<b>To:</b> Firdos Ali <a class="moz-txt-link-rfc2396E" href="mailto:ali@affordabletours.com"><ali@affordabletours.com></a><br>
<b>Cc:</b> keycloak-user
<a class="moz-txt-link-rfc2396E" href="mailto:keycloak-user@lists.jboss.org"><keycloak-user@lists.jboss.org></a>; Stian Thorgersen
<a class="moz-txt-link-rfc2396E" href="mailto:stian@redhat.com"><stian@redhat.com></a><br>
<b>Subject:</b> RE: [keycloak-user] EJB Invalid User + Log
Out not working<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p>How is the ejb being called? >From jax-rs service or
server-side web app? For there to be a user you need to be
authenticated as a user so either the server-side webapp has
redirected to login page or there is a bearer token included
in the authorisation header of the http request.<o:p></o:p></p>
<p class="MsoNormal">On 15 Mar 2016 17:58, "Firdos Ali" <<a
moz-do-not-send="true" href="mailto:ali@affordabletours.com"><a class="moz-txt-link-abbreviated" href="mailto:ali@affordabletours.com">ali@affordabletours.com</a></a>>
wrote:<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thank
you for the prompt response.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">I
moved to keycloak 1.9.1 both on the server and updated the
adapter, however it is still not working. Let me clarify on
a few other things and hopefully that will provide some
additional context</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">We
put our project in an ear file which contains one jar file
inclusive of the stateless ejbs, one war file, and a few
other supporting jar files. </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">The
war file has the keycloak.json with the following:</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">{</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
"realm": "affordabletours",</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
"realm-public-key": "some key",</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
"auth-server-url": "<a moz-do-not-send="true"
href="http://10.0.0.1:8080/auth" target="_blank">http://10.0.0.1:8080/auth</a>",</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
"ssl-required": "external",</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
"resource": "keycloaktest",</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
"credentials": {</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
"secret": "some secret"</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
}</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">}</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Are
you suggesting that I change the resource “keycloaktest”
access type from ‘confidential’ to ‘bearer-only’? If so, I
tried that and unfortunately that did not work. I guess my
confusion is how would the jar file with the ejbs is aware
of the security context when it is only at the war level?
Thanks</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><a
moz-do-not-send="true"
name="-279217427159260115__MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span></a><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">
Stian Thorgersen [mailto:<a moz-do-not-send="true"
href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>]
<br>
<b>Sent:</b> Friday, March 11, 2016 12:29 AM<br>
<b>To:</b> Firdos Ali <<a moz-do-not-send="true"
href="mailto:ali@affordabletours.com" target="_blank">ali@affordabletours.com</a>><br>
<b>Cc:</b> keycloak-user <<a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"
target="_blank">keycloak-user@lists.jboss.org</a>><br>
<b>Subject:</b> Re: [keycloak-user] EJB Invalid User + Log
Out not working</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">On
10 March 2016 at 20:19, Firdos Ali <<a
moz-do-not-send="true"
href="mailto:ali@affordabletours.com" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:ali@affordabletours.com">ali@affordabletours.com</a></a>>
wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC
1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hello,<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I
am having a few problems with Keycloak. Let me first
start with the environment information:<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Keycloak
version: 1.9.0<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Keycloak
wildfly version: 10.0.0<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Application
wildfly version: 8.0.0<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>Problem
1: EJB error - javax.ejb.EJBAccessException:
JBAS013323: Invalid User</b><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I
have followed the documentation by adding the keycloak
adapter to the application wildfly 8.0 and by
server.xml has the following:<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><extensions><br>
….<br>
<extension
module="org.keycloak.keycloak-adapter-subsystem"/><br>
</extensions><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><profile><br>
<subsystem
xmlns="urn:jboss:domain:security:1.2"><br>
….<br>
<security-domain name="keycloak"><br>
<authentication><br>
<login-module
code="org.keycloak.adapters.jboss.KeycloakLoginModule"
flag="required"/><br>
</authentication><br>
</security-domain><br>
</security-domains><br>
</subsystem><br>
…<br>
<subsystem
xmlns="urn:jboss:domain:keycloak:1.1"/><br>
</profile><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">MyEJB:<br>
<span
style="font-size:10.0pt;font-family:Consolas;color:#646464">@Stateless</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:#646464">@Local</span><span
style="font-size:10.0pt;font-family:Consolas;color:black">(MyInt.</span><b><span
style="font-size:10.0pt;font-family:Consolas;color:#7F0055">class</span></b><span
style="font-size:10.0pt;font-family:Consolas;color:black">)</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:#646464">@SecurityDomain</span><span
style="font-size:10.0pt;font-family:Consolas;color:black">(</span><span
style="font-size:10.0pt;font-family:Consolas;color:#2A00FF">"keycloak"</span><span
style="font-size:10.0pt;font-family:Consolas;color:black">)<br>
</span><b><span
style="font-size:10.0pt;font-family:Consolas;color:#7F0055">public</span></b><span
style="font-size:10.0pt;font-family:Consolas;color:black"> </span><b><span
style="font-size:10.0pt;font-family:Consolas;color:#7F0055">class</span></b><span
style="font-size:10.0pt;font-family:Consolas;color:black"> MyBean </span><b><span
style="font-size:10.0pt;font-family:Consolas;color:#7F0055">implements</span></b><span
style="font-size:10.0pt;font-family:Consolas;color:black"> MyInt </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black"> ...</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:#646464">
@PermitAll</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black"> </span><span
style="font-size:10.0pt;font-family:Consolas;color:#646464">@TransactionAttribute</span><span
style="font-size:10.0pt;font-family:Consolas;color:black">(TransactionAttributeType.</span><b><i><span
style="font-size:10.0pt;font-family:Consolas;color:#0000C0">REQUIRES_NEW</span></i></b><span
style="font-size:10.0pt;font-family:Consolas;color:black">)</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black"> </span><b><span
style="font-size:10.0pt;font-family:Consolas;color:#7F0055">public</span></b><span
style="font-size:10.0pt;font-family:Consolas;color:black"> boolean
myMethod(...) </span><b><span
style="font-size:10.0pt;font-family:Consolas;color:#7F0055">throws</span></b><span
style="font-size:10.0pt;font-family:Consolas;color:black"> Exception {</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black"> }</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black">At the moment
I am not using jboss-ej3.xml as I reference the
security domain in my EJB class. I added it and it
did not help out</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none"><span
style="font-size:10.0pt;font-family:Consolas;color:black">Stacktrace:</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">ERROR
[org.jboss.as.ejb3.invocation] (default task-13)
JBAS014134: EJB Invocation failed on component MyBean
for method public abstract boolean
com.at.ejb.MyInt.myMethod(…) throws
java.lang.Exception: javax.ejb.EJBAccessException:
JBAS013323: Invalid User<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:66)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:46)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:92)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:55)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:64)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:448)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:61)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.PrivilegedWithCombinerInterceptor.processInvocation(PrivilegedWithCombinerInterceptor.java:80)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:185)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:182)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;text-autospace:none">
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Is
there something I am missing from the documentation?
Any thoughts how to resolve this issue?<o:p></o:p></p>
</div>
</div>
</blockquote>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Is
there a bearer token sent with the request that invokes
the EJB? If so try with 1.9.1. Could be <a
moz-do-not-send="true"
href="https://issues.jboss.org/browse/KEYCLOAK-2518"
target="_blank"><a class="moz-txt-link-freetext" href="https://issues.jboss.org/browse/KEYCLOAK-2518">https://issues.jboss.org/browse/KEYCLOAK-2518</a></a>
fixes this.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC
1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>Problem
2: Unable to log out a user from keycloak
administration console:</b><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">After
I click “Logout” on the administration console in
Keycloak, I see the following error on the keycloak
server:<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">ERROR
[io.undertow.request] (default task-26) UT005023:
Exception handling request to
/auth/admin/realms/affordabletours/sessions/f1e69f90-03fc-453d-a495-225bb0c429ab:
org.jboss.resteasy.spi.UnhandledException:
java.lang.NoSuchMethodError:
org.apache.http.impl.client.HttpClientBuilder.setConnectionTimeToLive(JLjava/util/concurrent/TimeUnit;)Lorg/apache/http/impl/client/HttpClientBuilder;<br>
at
org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76)<o:p></o:p></p>
</div>
</div>
</blockquote>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Are
you using the standalone Keycloak server? Looking at
javadocs for httpclient setConnectionTimeToLive was added
in 4.4. WildFly 10 uses httpclient 4.5, so looks like for
some reason you have an old version of httpclient.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC
1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:10.0pt;font-family:"Verdana",sans-serif"><br>
Best regards,<br>
<br>
</span><br>
_______________________________________________<br>
keycloak-user mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"
target="_blank">keycloak-user@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-user"
target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Bill Burke
JBoss, a division of Red Hat
<a class="moz-txt-link-freetext" href="http://bill.burkecentral.com">http://bill.burkecentral.com</a></pre>
</body>
</html>