How to set default value of a boolean ProviderConfigProperty to true
by Rashmi Singh
In my AuthenticatorFactory class, I have the following configuration added:
ProviderConfigProperty property;
property= new ProviderConfigProperty();
property.setName("propname");
property.setLabel("Property Name");
property.setDefaultValue(true);
property.setType(ProviderConfigProperty.BOOLEAN_TYPE);
configProperties.add(identityFirstproperty);
I wanted to keep a default value as true and at first it seemed like the
following line would do it:
property.setDefaultValue(true);
But that does not seem to work. The default is still false. How can I set
the default to true?
7 years, 9 months
changes to KeycloakTransaction and KeycloakTransactionManager API
by Bill Burke
I want to simplify KeycloakTransaction interface a bit and remove the
getRolbackOnly, setRollbackOnly, and isActive and only have them within
KeycloakTransationManager. I may have to refactor existing components
to handle this. See any issues? All this is the continuous process of
simplying our SPIs to make them easier to implement.
Bill
7 years, 9 months
Read-only attributes for UserFederation providers
by Bruno Oliveira
Good morning,
I was working on this issue[1] this week and thinking about how
to tell our interface that the federation provider has read-only
attributes.
For example, today for the LDAPFederationProvider[2], we
provide server side validations telling our user that they cannot edit
those attributes. But still, input fields are editable and user
will only know after hit the submit button.
Not sure if makes sense, but very maybe if we provide a method
at UserFederation like:
boolean isReadOnly(); //defaults to false or override it and return true
And later expose it to the interface, we could bring the
text field properties set to read-only.
Does it make any sense?
[1] - https://issues.jboss.org/browse/KEYCLOAK-3060
[2] - https://github.com/keycloak/keycloak/blob/c7a8742a368bd8d76301145b08bb1e4...
--
abstractj
PGP: 0x84DC9914
7 years, 9 months
map Red Hat Single Sign-On version to git tag
by John Dennis
I've got "Red Hat Single Sign-On - Version 7.0.0.GA" installed and I
need to see the source code matching that version. Normally I would look
at the git tags to find a release but there doesn't seem to be a tag
related to this release.
How do I map what is in version.txt to a git tag? Is there a document
somewhere?
What is the matching tag for "Red Hat Single Sign-On - Version 7.0.0.GA"
--
John
7 years, 9 months
Keycloak Version 2.0.0 : MongoDB Start-up Issue.
by Stephen Merchant
Hello,
I am assessing standalone Keycloak version 2.0.0 configured for MongoDB Version 3.2.8 persistence.
I have made configuration changes to ...\standalone\configuration\keycloak-server.json as advised here<https://keycloak.gitbooks.io/server-installation-and-configuration/conten...>.
On start-up :
1) I can see the keycloak database get created in my MongoDB instance.
[cid:image002.png@01D1E3FD.A17167D0]
2) On standalone Keycloak startup I get the exception detailed in the WildFly log snippet below.
I would appreciate any advice or assistance you have to offer with this issue.
Thank you.
09:41:00,981 INFO [org.mongodb.driver.connection] (ServerService Thread Pool -- 47) Opened connection [connectionId{localValue:2, serverValue:14}] to localhost:27017
09:41:01,625 WARN [org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory] (ServerService Thread Pool -- 47) Can't rollback connection: java.sql.SQLException: IJ031022: You cannot rollback with autocommit set
at org.jboss.jca.adapters.jdbc.BaseWrapperManagedConnection.jdbcRollback(BaseWrapperManagedConnection.java:1124)
at org.jboss.jca.adapters.jdbc.WrappedConnection.rollback(WrappedConnection.java:863)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:196)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:60)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:48)
at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:103)
at org.keycloak.models.jpa.session.JpaUserSessionPersisterProviderFactory.create(JpaUserSessionPersisterProviderFactory.java:38)
at org.keycloak.models.jpa.session.JpaUserSessionPersisterProviderFactory.create(JpaUserSessionPersisterProviderFactory.java:32)
at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:103)
at org.keycloak.models.sessions.infinispan.initializer.OfflineUserSessionLoader.init(OfflineUserSessionLoader.java:38)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer$1.run(InfinispanUserSessionInitializer.java:110)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:287)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer.getOrCreateInitializerState(InfinispanUserSessionInitializer.java:107)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer.startLoading(InfinispanUserSessionInitializer.java:158)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer.loadPersistentSessions(InfinispanUserSessionInitializer.java:88)
at org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory$2.run(InfinispanUserSessionProviderFactory.java:91)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:287)
at org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory.loadPersistentSessions(InfinispanUserSessionProviderFactory.java:82)
at org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory$1.onEvent(InfinispanUserSessionProviderFactory.java:71)
at org.keycloak.services.DefaultKeycloakSessionFactory.publish(DefaultKeycloakSessionFactory.java:64)
at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:130)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209)
at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299)
at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231)
at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132)
at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
at org.jboss.threads.JBossThread.run(JBossThread.java:320)
09:41:01,670 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 47) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
at org.jboss.threads.JBossThread.run(JBossThread.java:320)
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162)
at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209)
at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299)
at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231)
at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132)
at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82)
... 6 more
Caused by: java.lang.IllegalStateException: Trying to update database, but don't have a DB lock acquired
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:165)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:60)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:48)
at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:103)
at org.keycloak.models.jpa.session.JpaUserSessionPersisterProviderFactory.create(JpaUserSessionPersisterProviderFactory.java:38)
at org.keycloak.models.jpa.session.JpaUserSessionPersisterProviderFactory.create(JpaUserSessionPersisterProviderFactory.java:32)
at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:103)
at org.keycloak.models.sessions.infinispan.initializer.OfflineUserSessionLoader.init(OfflineUserSessionLoader.java:38)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer$1.run(InfinispanUserSessionInitializer.java:110)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:287)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer.getOrCreateInitializerState(InfinispanUserSessionInitializer.java:107)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer.startLoading(InfinispanUserSessionInitializer.java:158)
at org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer.loadPersistentSessions(InfinispanUserSessionInitializer.java:88)
at org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory$2.run(InfinispanUserSessionProviderFactory.java:91)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:287)
at org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory.loadPersistentSessions(InfinispanUserSessionProviderFactory.java:82)
at org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFactory$1.onEvent(InfinispanUserSessionProviderFactory.java:71)
at org.keycloak.services.DefaultKeycloakSessionFactory.publish(DefaultKeycloakSessionFactory.java:64)
at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:130)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
... 19 more
09:41:01,730 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("deployment" => "keycloak-server.war")]) - failure description: {"WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./auth" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
Caused by: java.lang.IllegalStateException: Trying to update database, but don't have a DB lock acquired"}}
09:41:01,775 INFO [org.jboss.as.server] (ServerService Thread Pool -- 44) WFLYSRV0010: Deployed "keycloak-server.war" (runtime-name : "keycloak-server.war")
09:41:01,779 INFO [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0183: Service status report
WFLYCTL0186: Services which failed to start: service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
09:41:01,997 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
09:41:02,012 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990
09:41:02,013 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: Keycloak 2.0.0.Final (WildFly Core 2.0.10.Final) started (with errors) in 7942ms - Started 414 of 799 services (2 services failed or missing dependencies, 542 services are lazy, passive or on-demand)
Stephen Merchant
Developer
Gandlake Limited
Crown Commercial Service Supplier
BSI ISO/IEC 27001 certification number IS 585161
Gandlake Limited, a Limited Liability Company registered in England and Wales under number 4667925. Registered Office: Gandlake House, London Road, Newbury, Berkshire. RG14 1LA. VAT Registration Number 809 7164 11
7 years, 9 months
Feedback on Client Registration CLI
by Stian Thorgersen
Great work Marko!
As we didn't have time to go through feedback let's use this thread for it.
Add your questions and comments here please.
7 years, 9 months
Keycloak Stats
by Stian Thorgersen
I wanted to share some Keycloak stats for July as I'm proud of what we've
achieved:
Website:
* 8056 unique users in July
* 700-800 visits per weekday
* Users from pretty much everywhere around the world
Downloads:
* 1281 downloads of the server alone in July
* 100K+ pulls of main Docker image from Docker Hub
Github:
* 7000+ commits
* 124 contributors
* 587 stars
* 453 forks
7 years, 9 months
Applying post-create realm modifications
by Dmitry Telegin
Hi,
A KeyCloak extension might have a need to apply customizations to a
newly created realm, be it master realm on a first-time run, or a realm
added later via admin console. From my practice, I can mention at least
two use cases for that:
1. Creating a custom authentication flow. If you provide a custom
authenticator, you might also want to provide a custom flow for it,
thus making it usable out-of-the-box, and without having an end-user
dive deep into the details of flow setup;
2. Creating custom admin roles, i.e. atomic "view-something" and
"manage-something" roles belonging to a *-realm client of master-realm
(and automatically joining the realm "admin" role). This might be
topical if you provide a custom realm resource, and you want to secure
it with individual roles different from the built-in ones.
There is a RealmModel.RealmCreationEvent event fired from
JpaRealmProvider. Unfortunately, it is fired too early; it delivers a
realm instance in its bare, non-initialized state which is unusable for
both of the above use cases:
- adding custom authentication flow at this moment will break further
realm initialization logic, as latter relies on the emptiness of the
flow container;
- adding roles simply wouldn't work because no clients (including the
desired *-realm) are yet registered with the realm.
It would be nice to have something like RealmCreatedEvent (maybe inside
RealmManager) that would be fired just before RealmManager::createRealm
returns. Should be as trivial as adding an inner class/interface and
firing an event.
Regards,
Dmitry
7 years, 9 months
