Hi Fabio,

The error is because a token created for the user is expired or expiring.

Did you set a new UPS admin password like the docs suggested?  The default may have expired.

- Kelvin

----------------------------------------------------------------------------------------------------

From: aerogear-users-bounces@lists.jboss.org [mailto:aerogear-users-bounces@lists.jboss.org] On Behalf Of Fabio Turizo
Sent: Thursday, August 06, 2015 7:57 AM
To: aerogear-users@lists.jboss.org
Subject: Re: [Aerogear-users] Aerogear Unified Push Server setup not working

Well, still have issues with the admin application. I'm getting this Error 401: Unathorized errors in the admin interface. I work for a minute or two in the application and get the error, log out of the application/refresh browser and again after one or two minutes happens again. Quite annoying.

Checking the server logs i see this exception:

2015-08-06 10:50:19,297 ERROR [org.keycloak.adapters.BearerTokenRequestAuthenticator] (default task-4) Failed to verify token: org.keycloak.VerificationException: Token
is not active.
        at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:43) [keycloak-core-1.0.5.Final.jar:]
        at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:16) [keycloak-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:63) [keycloak-adapter-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:41) [keycloak-adapter-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.UndertowKeycloakAuthMech.keycloakAuthenticate(UndertowKeycloakAuthMech.java:82) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:61) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:283) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:300) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:270) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:133) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:108) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:101) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_51]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_51]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_51]

2015-08-06 10:51:51,799 ERROR [org.keycloak.adapters.BearerTokenRequestAuthenticator] (default task-14) Failed to verify token: org.keycloak.VerificationException: Token is not active.
        at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:43) [keycloak-core-1.0.5.Final.jar:]
        at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:16) [keycloak-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:63) [keycloak-adapter-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:41) [keycloak-adapter-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.UndertowKeycloakAuthMech.keycloakAuthenticate(UndertowKeycloakAuthMech.java:82) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:61) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:283) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:300) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:270) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:133) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:108) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:101) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_51]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_51]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_51]

El jue., 6 de ago. de 2015 a la(s) 9:02 a. m., Fabio Turizo <fabio.turizo@gmail.com> escribió:
Ok, i configured the HTTPS listener for the server and now the application works as intended. Many thanks!

El mié., 5 de ago. de 2015 a la(s) 5:13 p. m., Kelvin Lunsford <kelvin@qantel.com> escribió:
The error is because ssl is required.
 
By default the https protocol scheme is required to access the UPS console when not using localhost as the URL host name.
 
Https is not required for localhost access to the console.  You might see if you can tunnel into your AWS instance as localhost. 
 
You will eventually need a cert and https connector configured in wildfly to access the restful interfaces. 
 
- Kelvin
 
 
From: aerogear-users-bounces@lists.jboss.org [mailto:aerogear-users-bounces@lists.jboss.org] On Behalf Of Fabio Turizo
Sent: Wednesday, August 05, 2015 7:30 AM
To: aerogear-users@lists.jboss.org
Subject: [Aerogear-users] Aerogear Unified Push Server setup not working
 
Greetings. I've followed all instrucciones detailed in the AeroGear UPS Installation Guide but the server isn't working. 
 
My setup is done in an AWS instance running with RHEL 7 installing Aerogear UPS v1.0.3 with a PostgreSQL 9.4 database (via AWS RDS) and using WildFly 8.2.1 Final with Oracle JDK 8
 
When i deploy the WARs (agpush and auth) everything is deployed fine. Trying to get in the admin ui gets me an Internal error. Checking the logs:
 
2015-08-05 10:11:08,832 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /ag-push/index.html: java.lang.RuntimeException: Can't resolve relative url from adapter config.
        at org.keycloak.adapters.AdapterDeploymentContext.getBaseBuilder(AdapterDeploymentContext.java:289) [keycloak-adapter-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:53) [keycloak-adapter-core-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:54) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:283) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:300) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:270) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:133) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:108) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:101) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69) [keycloak-undertow-adapter-1.0.5.Final.jar:]
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_51]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_51]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_51]
 
Is there a configuration missing in the setup that causes this error? Any help is appreciated. 
_______________________________________________
Aerogear-users mailing list
Aerogear-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-users

_______________________________________________
Aerogear-users mailing list
Aerogear-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-users