<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi,<br>
<br>
it seems from the log, that you tried to put Kerberos
(SpnegoAuthenticator) to the directAccessGrant flow, is it
correct? This won't work. The implementation of
SpnegoAuthenticator is supposed to work just for browser based
flow when browser is supposed to send HTTP header with SPNEGO
token like "Authorization: Negotiate your-spnego-kerberos-token"
. <br>
<br>
It seems that to avoid similar confusions, we should have some
filters (or authentication subtypes), which will allow to specify
which authenticator is supposed to be used in which flow. I've
created JIRA for that
<a class="moz-txt-link-freetext" href="https://issues.jboss.org/browse/KEYCLOAK-3043">https://issues.jboss.org/browse/KEYCLOAK-3043</a> .<br>
<br>
If I understand correctly your usecase, you sent username+password
to direct grant authentication and you want Keycloak to verify the
given username+password against Kerberos right? In this case, you
can just use default directGrant flow without any changes. All you
need to do is to check the flag " Use Kerberos For Password
Authentication" in the configuration of your LDAP federation
provider.<br>
<br>
Marek<br>
<br>
<br>
On 23/05/16 17:51, Gareth Healy wrote:<br>
</div>
<blockquote
cite="mid:CAD4q6W+fs8-mS3PD8KwUB3E+zj+rNF+XE8xg4xPqJZ1mrgKopw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>I am trying to hook up APIMan with KeyCloak using Kerberos
and OAuth2. I am trying to get a token from key cloak using
the following URL:</div>
<br clear="all">
<blockquote style="margin:0px 0px 0px
40px;border:none;padding:0px">
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:13px">curl
-X POST <a moz-do-not-send="true"
href="http://localhost:29080/auth/realms/freeipa/protocol/openid-connect/token"
target="_blank">http://localhost:29080/auth/realms/freeipa/protocol/openid-connect/token</a>
-H "Content-Type: application/x-www-form-urlencoded" -d
"username=admin" -d 'password=Secret123' -d
'grant_type=password' -d 'client_id=mapper' -d
'client_secret=027fbd51-135b-47d6-86cd-7ce541b38984'</div>
</div>
</blockquote>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:13px"><br>
</div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:13px">But,
get an exception back:</div>
</div>
<blockquote style="margin:0px 0px 0px
40px;border:none;padding:0px">
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:13px"><br>
</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) AUTHENTICATE CLIENT</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE [org.keycloak.services] (default
task-51) Using executions for client authentication:
[de08b32a-a4a5-469c-91cc-0fbca51e1c2f,
de3db156-dcc2-4346-bf3a-e56e8e10ed5f]</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) client authenticator: client-secret</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) client authenticator SUCCESS: client-secret</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) Client mapper authenticated by client-secret</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: ADD on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) AUTHENTICATE ONLY</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) processFlow</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) check execution: direct-grant-validate-username
requirement: REQUIRED</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) authenticator: direct-grant-validate-username</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 DEBUG [org.keycloak.services] (default
task-51) invoke authenticator.authenticate</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,676 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,677 TRACE
[org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore]
(default task-51) Using filter for LDAP search:
(&(uid=admin)(objectclass=person)) . Searching in DN:
cn=users,cn=accounts,dc=example,dc=test</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 TRACE
[org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore]
(default task-51) Found ldap object and populated with the
attributes. LDAP Object: LDAP Object [ dn:
uid=admin,cn=users,cn=accounts,dc=example,dc=test , uuid:
afc65b08-1e75-11e6-9645-02420a01010f, attributes:
{uid=[admin], gecos=[Administrator], sn=[Administrator],
cn=[Administrator], createTimestamp=[20160520102908Z],
modifyTimestamp=[20160523142225Z]}, readOnly attribute
names: [createtimestamp, modifytimestamp] ]</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 DEBUG [org.keycloak.services] (default
task-51) authenticator SUCCESS:
direct-grant-validate-username</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 DEBUG [org.keycloak.services] (default
task-51) check execution: direct-grant-validate-password
requirement: DISABLED</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 DEBUG [org.keycloak.services] (default
task-51) execution is processed</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 DEBUG [org.keycloak.services] (default
task-51) check execution: auth-spnego requirement:
ALTERNATIVE</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 DEBUG [org.keycloak.services] (default
task-51) authenticator: auth-spnego</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 DEBUG [org.keycloak.services] (default
task-51) invoke authenticator.authenticate</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 TRACE [org.keycloak.services] (default
task-51) Sending back WWW-Authenticate: Negotiate</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,682 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanUserSessionProvider]
(default task-51) Adding cache operation: REPLACE on
7ad60b45-4e69-45a4-a995-ee65d9ee47ae</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">2016-05-23
14:22:25,683 ERROR [io.undertow.request] (default task-51)
UT005023: Exception handling request to
/auth/realms/freeipa/protocol/openid-connect/token:
org.jboss.resteasy.spi.UnhandledException:
java.lang.IllegalArgumentException: RESTEASY003715: path
was null</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:168)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:411)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:790)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:78)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at java.lang.Thread.run(Thread.java:745)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">Caused
by: java.lang.IllegalArgumentException: RESTEASY003715:
path was null</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.specimpl.ResteasyUriBuilder.path(ResteasyUriBuilder.java:357)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.authentication.AuthenticationProcessor$Result.getActionUrl(AuthenticationProcessor.java:478)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator.optionalChallengeRedirect(SpnegoAuthenticator.java:137)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator.challengeNegotiation(SpnegoAuthenticator.java:121)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator.authenticate(SpnegoAuthenticator.java:65)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:183)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:789)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.protocol.oidc.endpoints.TokenEndpoint.buildResourceOwnerPasswordCredentialsGrant(TokenEndpoint.java:379)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.keycloak.protocol.oidc.endpoints.TokenEndpoint.build(TokenEndpoint.java:125)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
sun.reflect.GeneratedMethodAccessor587.invoke(Unknown
Source)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at java.lang.reflect.Method.invoke(Method.java:497)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)</div>
</div>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">
... 37 more</div>
</div>
</blockquote>
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt"><br>
</div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt">Looking
in the code, i can see i am missing the "flowPath", but not
sure where this should be set.</div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt"><br>
</div>
</div>
<blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt"><a
moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/blob/1.9.x/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java#L137"
target="_blank"><a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/blob/1.9.x/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java#L137">https://github.com/keycloak/keycloak/blob/1.9.x/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java#L137</a></a></div>
</div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt"><br>
</div>
<div
style="color:rgb(0,0,0);font-family:Tahoma;font-size:10pt"><a
moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/blob/1.9.x/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java#L476"
target="_blank"><a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/blob/1.9.x/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java#L476">https://github.com/keycloak/keycloak/blob/1.9.x/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java#L476</a></a></div>
</blockquote>
<div><br>
</div>
<div>Can anyone point me in the right direction please.</div>
<div><br>
</div>
-- <br>
<div>
<div dir="ltr"><span style="font-size:small">Gareth Healy </span><br>
<span style="font-size:small">UKI Middleware Consultant </span><br>
<span style="font-size:small">Red Hat UK Ltd </span><br>
<span style="font-size:small">200 Fowler Avenue </span><br>
<span style="font-size:small">Farnborough, Hants </span><br>
<span style="font-size:small">GU14 7JP, UK </span><br>
<br>
<span style="font-size:small">Mobile: <a
moz-do-not-send="true" href="tel:%2B44%280%297818511214"
value="+447818511214" target="_blank">+44(0)7818511214</a> </span><br>
<span style="font-size:small">E-Mail: <a
moz-do-not-send="true" href="mailto:gahealy@redhat.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:gahealy@redhat.com">gahealy@redhat.com</a></a> </span><br>
<br>
<span style="font-size:small">Registered in England and
Wales under Company Registration No. 03798903</span><br>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>