<div dir="ltr">Ah, I was looking directly at the cause at the bottom, and missed the UndertowPreAuthActionsHandler at the beginning of stack trace.<div><br></div><div>No idea then. If it&#39;s an out-of-the-box proxy install, and it&#39;s supposed to just work, then maybe it&#39;s a bug.</div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jul 25, 2016 at 4:41 PM, Manfred Duchrow <span dir="ltr">&lt;<a href="mailto:manfred.duchrow@caprica.biz" target="_blank">manfred.duchrow@caprica.biz</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

  <div bgcolor="#FFFFFF" text="#000000">

    <p><font face="Arial">Hi,</font></p>

    <p><font face="Arial">thanks for your response.<br>

      </font></p>

    <p><font face="Arial">The </font>UndertowPreAuthActionsHandler

      actually is in the stacktrace. So I don&#39;t quite understand what

      you mean.</p>

    <p>The installation is out-of-the-box from the

      keycloak-proxy-2.0.0.Final.zip.</p>

    <p>I was assuming that in

      UndertowPreAuthActionsHandler#handleRequest() somthing like the

      following must happen,<br>

      in order to execute the logout action handling in a worker thread:</p>

    <p>    public void handleRequest(HttpServerExchange exchange) throws

      Exception {<br>

              UndertowHttpFacade facade = createFacade(exchange);<br>

              SessionManagementBridge bridge = new

      SessionManagementBridge(userSessionManagement, sessionManager);<br>

              final PreAuthActionsHandler handler = new

      PreAuthActionsHandler(bridge, deploymentContext, facade);<br>

              final AtomicBoolean requestHandled = new

      AtomicBoolean(false);<br>

              if

      (exchange.getRequestURI().endsWith(AdapterConstants.K_LOGOUT)) {<br>

                HttpHandler tmpHandler = new HttpHandler()<br>

                {<br>

                  @Override<br>

                  public void handleRequest(HttpServerExchange exchange)

      throws Exception<br>

                  {<br>

                    requestHandled.set(handler.handleRequest());<br>

                  }<br>

                };<br>

                exchange.dispatch(tmpHandler); // This starts the worker

      thread that allows blocking I/O<br>

              } <br>

              else {<br>

                requestHandled.set(handler.handleRequest());          <br>

              }<br>

              if(requestHandled.get()) return;<br>

              next.handleRequest(exchange);<br>

          }<br>

    </p>

    <p>Any feedback welcome.<br>

    </p>

    <p>Cheers,<br>

        Manfred<br>

    </p><div><div class="h5">

    <br>

    <div>On 25.07.2016 15:35, Marko Strukelj

      wrote:<br>

    </div>

    <blockquote type="cite">

      <div dir="ltr">Giving a cursory look at KEYCLOAK-3311, and not

        really knowing this part of the code so I hope I&#39;m not giving

        you a wrong lead here, but it looks like

        UndertowPreAuthActionsHandler should already be present in your

        stacktrace, while currently it is not.

        <div><br>

        </div>

        <div>It sounds like Wildfly adapter was not installed correctly.</div>

      </div>

      <div class="gmail_extra"><br>

        <div class="gmail_quote">On Mon, Jul 25, 2016 at 9:26 AM,

          Manfred Duchrow <span dir="ltr">&lt;<a href="mailto:manfred.duchrow@caprica.biz" target="_blank">manfred.duchrow@caprica.biz</a>&gt;</span>

          wrote:<br>

          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

            <div bgcolor="#FFFFFF" text="#000000">

              <p><font face="Arial">Hi,</font></p>

              <p><font face="Arial">a few days ago I created the Jira

                  issue KEYCLOAK-3311.</font></p>

              <p><font face="Arial">Its about the following exception

                  when &quot;k_logout&quot; request from the keycloak server is

                  coming in:</font></p>

              <p><font face="Arial">IllegalStateException: UT000126:

                  Attempted to do blocking IO from the IO thread. This

                  is prohibited as it may result in deadlocks<br>

                </font></p>

              <p><font face="Arial">Has anybody experienced the same? Is

                  there a workaround?<br>

                </font></p>

              <p><font face="Arial">Currently this error prevents the

                  logout from the secure proxy and therefore the

                  protected<br>

                  application can still be reached (for a while) even if

                  the user&#39;s session on the keycloak server <br>

                  has been terminated.<br>

                </font></p>

              <p>Cheers,<br>

                   Manfred<br>

              </p>

            </div>

            <br>

            _______________________________________________<br>

            keycloak-user mailing list<br>

            <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>

            <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>

          </blockquote>

        </div>

        <br>

      </div>

    </blockquote>

    <br>

  </div></div></div>

</blockquote></div><br></div></div>