June 2015 - keycloak-dev - Jboss List Archives

Selection of displaying max rows in admin console

by Niko Köbler

Hi, currently it’s only possible to show 5 users on one page in the admin console. When having a huge amount of users, it’s sometimes difficult to navigate through the appropriate users. Having a selection box to select the rows per page, would be a great benefit when administering the users. It’s not a big effort, I could do this and provide a PR. Any thoughts about this? - Niko

8 years, 10 months

2
1
0 / 0

Token is not active

by Fadi Abdin

When my keycloak server run for few days, it start acting weird and start returning "Token is not active" when i just issued the token. org.keycloak.VerificationException: Token is not active. My server is synced with a time server so the system date should be always valid. The solution is to restart keycloak. Have anyone faced this issue before ?? this issue is driving me crazy and i cant figure it out, i appreciate some help . . Thanks

8 years, 10 months

1
0
0 / 0

Localized terms and conditions

by Stan Silvert

Not sure if you heard my last comments. Just showing the AdSense T&C: https://www.google.com/adsense/localized-terms Looks like text should not be in localized templates. They should just be flat files assignable by the user's self-identified locale. Stan

8 years, 10 months

2
2
0 / 0

Generic servlet adapter?

by Marek Posolda

I wonder if we should have some generic HttpServlet based adapter? It can be used for all the servlet containers, where we don't have proper adapter. We can create just HttpServletFilter and after the authentication, send forward the wrapped HttpServletRequest with few overriden methods (getRemoteUser, isUserInRole, logout, ...). The disadvantage is that it's not tightly coupled with the container security (propagation to EJB etc) and security-constraints in web.xml won't work, so we will need to use something different (init-parameters in the filter maybe). I know we have proxy, but maybe this will fit even better for some environments? Marek

8 years, 10 months

1
0
0 / 0

Error on EAP 6.4

by Matthias Wessendorf

Hi, trying to update UPS to 1.3.0.Final(-SNAPSHOT), I am getting an exception. When accessing this URL: http://localhost:8080/auth/admin/aerogear/console/ and after logging in I see some error - looks like JAX-RS 2.0 dependency, but EAP is 1.1, no? <error> 17:46:31,638 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/auth].[Keycloak REST Interface]] (http-/0.0.0.0:8080-4) JBWEB000236: Servlet.service() for servlet Keycloak REST Interface threw exception: java.lang.RuntimeException: request path: /auth/admin/realms/aerogear at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:54) [keycloak-services-1.3.0.Final-SNAPSHOT.jar:1.3.0.Final-SNAPSHOT] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21] at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65] Caused by: org.jboss.resteasy.spi.UnhandledException: java.lang.NoClassDefFoundError: javax/ws/rs/BadRequestException at org.jboss.resteasy.core.SynchronousDispatcher.handleApplicationException(SynchronousDispatcher.java:364) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.handleException(SynchronousDispatcher.java:232) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.handleInvokerException(SynchronousDispatcher.java:208) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:556) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:523) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:125) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:208) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:50) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.keycloak.services.filters.ClientConnectionFilter.doFilter(ClientConnectionFilter.java:41) [keycloak-services-1.3.0.Final-SNAPSHOT.jar:1.3.0.Final-SNAPSHOT] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1] at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:40) [keycloak-services-1.3.0.Final-SNAPSHOT.jar:1.3.0.Final-SNAPSHOT] ... 15 more Caused by: java.lang.NoClassDefFoundError: javax/ws/rs/BadRequestException at org.keycloak.services.resources.admin.RealmsAdminResource.getRealmAdmin(RealmsAdminResource.java:232) [keycloak-services-1.3.0.Final-SNAPSHOT.jar:1.3.0.Final-SNAPSHOT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_65] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_65] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_65] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_65] at org.jboss.resteasy.core.ResourceLocator.createResource(ResourceLocator.java:64) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.ResourceLocator.invoke(ResourceLocator.java:105) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.ResourceLocator.invokeOnTargetObject(ResourceLocator.java:153) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.ResourceLocator.invoke(ResourceLocator.java:91) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:541) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:] ... 27 more Caused by: java.lang.ClassNotFoundException: javax.ws.rs.BadRequestException from [Module "deployment.auth-server.war:main" from Service Module Loader] at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:213) [jboss-modules.jar:1.3.6.Final-redhat-1] at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:459) [jboss-modules.jar:1.3.6.Final-redhat-1] at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:408) [jboss-modules.jar:1.3.6.Final-redhat-1] at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:389) [jboss-modules.jar:1.3.6.Final-redhat-1] at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:134) [jboss-modules.jar:1.3.6.Final-redhat-1] ... 37 more </error> -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf twitter: http://twitter.com/mwessendorf

8 years, 10 months

3
5
0 / 0

Hide internal clients and roles

by Stian Thorgersen

I propose we add an attribute 'kc_internal' to internal clients (security-admin-console, master-realm, account, broker) and hide these from the clients table. We should also do this to internal roles 'admin' and 'create-realm' so these roles are not displayed in realm roles list. They would only be hidden from this page, but still be visible in user role mapping, scope mappings and default roles.

8 years, 10 months

5
11
0 / 0

verify email is skipped if no email

by Bill Burke

The verify email required action is skipped if the user has no email. Is this the right behavior? Should the user instead be required to enter in an email address that can be verified? -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com

8 years, 10 months

2
1
0 / 0

Enabling SSL over keycloak/wildfly server

by Giriraj Sharma

When Let’s Encrypt <https://letsencrypt.org/howitworks/> based on ACME (Automated Certificate Management Environment) spec launches in mid-2015, enabling HTTPS for any site will be as easy as installing a small piece of certificate management software on the server: $ sudo apt-get install lets-encrypt $ lets-encrypt example.com That’s all there is to it! https://example.com is immediately live. Automatic renew and on demand revocation are equally easier. A sample let's encrypt SSL client demo is here <https://www.youtube.com/watch?v=Gas_sSB-5SU>. For documentation, check here <https://letsencrypt.readthedocs.org/en/latest/intro.html#about-the-let-s-...> . Let's encrypt is free, open and automated with out of box support for apache/nginx and standalone support for other web servers. It automatically configures an app deployed on apache or nginx with a single command with absolute no human intervention. Its stand alone mode (for other web servers) generates SSL cert for the app(domain) which can be manually configured/installed or a better method will be installation via an automated script(like for keycloak server). Currently, Let’s Encrypt provides a developer preview only intended for testers and developers. It, at present installs certs signed by the TEST CA, which might generate exception warnings in client browsers. But, they have announced to come out with final solution by Mid 2015. As Keycloak will be requiring SSL, let's encrypt standalone support with a script for automatic installation of cert on keycloak/wildfly server might come out as one easier rescue. Cheers, -- Giriraj Sharma about.me/girirajsharma <http://about.me/girirajsharma?promo=email_sig> Giriraj Sharma, Department of Computer Science National Institute of Technology Hamirpur Himachal Pradesh, India 177005

8 years, 10 months

1
0
0 / 0

keycloak-dev is not for user-related issues

by Stian Thorgersen

Please, refrain from using keycloak-dev mailing list for user-related issues. This mailing list is for discussing development-related issues and is mainly aimed at core Keycloak developers and contributors. For user-related issues please use the keycloak-user mailing list (https://lists.jboss.org/mailman/listinfo/keycloak-user). Thanks, Stian

8 years, 10 months

1
0
0 / 0

Keycloak benchmarks / Performance Guide

by George Leon

Hi Keycloak Team , We are evaluating to use in production and have 2) questions 1) Any information on Keycloak benchmarks would help us decide what Hardware we will need for example 1 Wildfly/Keycloak server with 4 cores CPU with 8GB memory and 1 separate Mysql DB with 4 cores CPU with 8GB with JDBC data connection pooling set to 30 connections say for example can handle ?????? concurrent user longings . 2) What server-cache is used and what control will we have like configuration options other than maxSize Also what unit is maxSize memory in ? Docs Reference : http://keycloak.github.io/docs/userguide/html/server_cache.html Thanks again and Great work with Keycloak G.Leon

8 years, 10 months

2
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

keycloak-dev June 2015