In all these cases the UI kept working OK? Did you ever get any sort of
failure in the UI? Example: missing data, page load failure, etc?
-Eric
On 8/12/2015 3:46 PM, Helio Frota wrote:
*16:07:56,984 INFO* [stdout] (default task-6) Getting info for user
admin
*16:09:27,427 ERROR*
[org.keycloak.adapters.BearerTokenRequestAuthenticator] (default
task-28) Failed to verify token: org.keycloak.
almost 2 min of inactivity..
but i did a try with more minutes and no errors ...
*16:36*:09,869 INFO [stdout] (default task-8) Got organization
HeavyMetalOrg: OrganizationBean [id=HeavyMetalOrg, name=HeavyMetalOrg,
description=The Heavy Metal Universe, createdBy=admin,
createdOn=2015-08-12 15:57:02.829, modifiedBy=admin,
modifiedOn=2015-08-12 15:57:02.829]
*16:42*:06,805 INFO [stdout] (default task-9) Getting info for user admin
On Wed, Aug 12, 2015 at 4:40 PM, Helio Frota <00hf11(a)gmail.com
<mailto:00hf11@gmail.com>> wrote:
Is this something you can reproduce? Or just something that
happened once?
unfortunately no. just once.
What did you experience when this occurred? Did you get sent to the
login page? Did you get a blank page? Error in the UI?
nothing, just navigating , clicking etc.. no blank page or error in
the UI.
On Wed, Aug 12, 2015 at 4:36 PM, Eric Wittmann
<eric.wittmann(a)redhat.com <mailto:eric.wittmann@redhat.com>> wrote:
Is this something you can reproduce? Or just something that
happened once?
What did you experience when this occurred? Did you get sent to
the login page? Did you get a blank page? Error in the UI?
-Eric
On 8/12/2015 3:23 PM, Helio Frota wrote:
hi all ,
I get this one too.
I don't know if i clicked on some button or link or just
error arise
from another dimension.
*16:06:37,817 INFO* [stdout] (default task-59) Updated
plan: PlanBean
[organization=OrganizationBean [id=HeavyMetalOrg,
name=HeavyMetalOrg,
description=The Heavy Metal Universe, createdBy=admin,
createdOn=2015-08-12 15:57:02.829, modifiedBy=admin,
modifiedOn=2015-08-12 15:57:02.829], id=soundsLikeAPlan,
name=soundsLikeAPlan, description=454test, createdBy=admin,
createdOn=2015-08-12 15:59:41.355]
*16:07:56,984 INFO* [stdout] (default task-6) Getting info
for user admin
*16:09:27,427 ERROR*
[org.keycloak.adapters.BearerTokenRequestAuthenticator] (default
task-28) Failed to verify token:
org.keycloak.VerificationException:
Token is not active.
at
org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:46)
[keycloak-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:16)
[keycloak-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:67)
[keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:62)
[keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:45)
[keycloak-adapter-core-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.undertow.AbstractUndertowKeycloakAuthMech.keycloakAuthenticate(AbstractUndertowKeycloakAuthMech.java:114)
[keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
at
org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:94)
[keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:281)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:298)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:268)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:131)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:106)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:99)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:54)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69)
[keycloak-undertow-adapter-1.2.0.Final.jar:1.2.0.Final]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[rt.jar:1.8.0_45]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[rt.jar:1.8.0_45]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_45]
On Tue, Aug 11, 2015 at 5:16 AM, Marc Savy
<marc.savy(a)redhat.com <mailto:marc.savy@redhat.com>
<mailto:marc.savy@redhat.com <mailto:marc.savy@redhat.com>>>
wrote:
I think this may pertain to the Keycloak OAuth2 token.
In which case, I
provided Fadi with a version containing additional
logging to see if we
could track the issue down.
It's not an issue I've ever been able to replicate, and
we don't fiddle
with the token data in any way, so I don't really see
how we could
affect things.
My only suggestions are to ensure that time is accurate
on all of the
systems (NTP, Chronyd, etc), and I believe this has
already been done.
On 10/08/2015 18:00, Eric Wittmann wrote:
> How often does this occur? What is the result?
>
> I assume this is triggering a re-login in the UI?
>
> There is no caching on the apiman side. However the
tokens issued by
> keycloak to the apiman UI do have an expiration.
You could try
logging
> into the keycloak auth admin UI and increasing the
lifespan of
the tokens.
>
> Any more details you can provide would be great.
>
> -Eric
>
> On 8/10/2015 8:56 AM, Fadi Abdin wrote:
>> I keep getting occasional "Token is not active." on
they
keycloak side
>> occasionally . its really frustrating , i cant
figure out what could
>> cause this to happen. everything seems correct.
>>
>> Is there caching between API Man and Keycloak i can
turn off ? Have
>> anyone seeen this behavior ?
>>
>> Thanks,
>> Fadi
>>
Express.com
>>
>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user(a)lists.jboss.org
<mailto:Apiman-user@lists.jboss.org>
<mailto:Apiman-user@lists.jboss.org
<mailto:Apiman-user@lists.jboss.org>>
>>
https://lists.jboss.org/mailman/listinfo/apiman-user
>>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user(a)lists.jboss.org
<mailto:Apiman-user@lists.jboss.org>
<mailto:Apiman-user@lists.jboss.org
<mailto:Apiman-user@lists.jboss.org>>
>
https://lists.jboss.org/mailman/listinfo/apiman-user
>
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
<mailto:Apiman-user@lists.jboss.org>
<mailto:Apiman-user@lists.jboss.org
<mailto:Apiman-user@lists.jboss.org>>
https://lists.jboss.org/mailman/listinfo/apiman-user
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org <mailto:Apiman-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/apiman-user
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user