Hi Marek,


Thanks for your response.


Already I have set a role in keycloak application as giggzouser and I have set the same in my web.xml file.

After enabling the logs, it shows up this


2016-03-30 03:39:26,843 DEBUG [org.keycloak.adapters.PreAuthActionsHandler] (default task-7) adminRequest http://hostname:8080/appname/rest/giggzoLogin/userLogin

2016-03-30 03:39:26,845 DEBUG [org.keycloak.adapters.undertow.KeycloakUndertowAccount] (default task-7) session is active

2016-03-30 03:39:26,845 DEBUG [org.keycloak.adapters.undertow.ServletSessionTokenStore] (default task-7) Cached account found

2016-03-30 03:39:26,845 DEBUG [org.keycloak.adapters.wildfly.WildflyRequestAuthenticator] (default task-7) propagate security context to wildfly

2016-03-30 03:39:26,845 DEBUG [org.keycloak.adapters.RequestAuthenticator] (default task-7) AUTHENTICATED: was cached

2016-03-30 03:39:26,846 DEBUG [org.keycloak.adapters.AuthenticatedActionsHandler] (default task-7) AuthenticatedActionsValve.invoke http ://hostname:8080/appname /rest/giggzoLogin/userLogin


After which, I get forbidden on screen.


Please find the web.xml file attached to this mail.



Jayapriya Atheesan


From: Marek Posolda [mailto:mposolda@redhat.com]
Sent: Wednesday, March 30, 2016 12:42 PM
To: JAYAPRIYA ATHEESAN; keycloak-dev@lists.jboss.org
Subject: Re: [keycloak-dev] 403 Forbidden when invoking application secured with keycloak


It looks that your user either doesn't have roles or your client doesn't have scope. Take a look at examples for more inspiration. For logging, you can enable DEBUG logging for category "org.keycloak" in standalone/configuration/standalone.xml


On 30/03/16 08:13, JAYAPRIYA ATHEESAN wrote:



Greetings of the day !!


I need an urgent help from your team.


I have an application deployed in wildfly server. The same has been secured with keycloak server(this runs of a different wildfly box).

The wildfly server has been configured with keycloak adapter.


When I invoke a page from the application deployed in wildfly server, the application , redirects to keycloak login page. After I click submit  entering user name and password, I get 403 forbidden error.


Is there a way to enable logs for keycloak adapter. I’m not getting any logs related to this error.


The issue is similar to the one addressed in http://lists.jboss.org/pipermail/keycloak-user/2015-February/001601.html



Please help me in resolving the same.


Below are the details of the server :

Wildfly 9.0.0CR2

Keycloak 1.6.0 Final



Jayapriya Atheesan



keycloak-dev mailing list