Re: [keycloak-dev] Wildfly integration

The problem was down to the fact that the unified-push application wasn't set to bearer-only and Undertow seems to invoke the authentication mechanism even though it's a non-secured resource. What happens in details are: 1. /index.html is loaded 2. keycloak.js redirects to login page 3. Keycloak returns ?code=... 4. Undertow invokes authentication mechanism (even though /index.html is not secured), sees the code, checks for a state cookie, doesn't find one, returns 400 One AS7 it works because AS7 doesn't invoke the authentication mechanism at all for /index.html (which seems the correct way to me, as the resource is not part of a secured-constraint). Setting unified-push to bearerOnly (which it should be in any case as it's used for jax-rs endpoints) works around the issue as our Undertow adapter will only look for bearer token and not do anything else. Question: is this a bug in Undertow? is it something we have to add a solution to our Undertow adapter? ----- Original Message ----- > From: "Stian Thorgersen" <stian(a)redhat.com&gt; > To: "Bruno Oliveira" <bruno(a)abstractj.org&gt; > Cc: "keycloak dev" <keycloak-dev(a)lists.jboss.org&gt; > Sent: Thursday, 24 July, 2014 3:52:48 PM > Subject: Re: [keycloak-dev] Wildfly integration > > Got the same issue here, looking into it now > > ----- Original Message ----- >> From: "Bruno Oliveira" <bruno(a)abstractj.org&gt; >> To: "keycloak dev" <keycloak-dev(a)lists.jboss.org&gt; >> Sent: Thursday, 24 July, 2014 1:57:38 PM >> Subject: [keycloak-dev] Wildfly integration >> >> Good morning guys, I'm banging my head against the wall with this issue: >> https://gist.github.com/abstractj/b5b79bf3a5eb77e7989a, basically what I'm >> trying to >> do is integrate the latest changes on master with UPS on AeroGear. >> >> On AS7 the application runs with no errors, but when I try to deploy on >> Wildfly I get HTTP 400 after login. >> >> Probably is some misconfiguration on my end, but I already double checked >> project-integrations, checked the examples, tried to debug on IntelliJ and >> Chrome. >> >> Here are the steps to reproduce: >> >> git clone git@github.com:keycloak/keycloak.git && cd keycloak && mvn >> clean install -DskipTests=true -Dcheckstyle.skip=true >> cd .. >> git clone git@github.com:aerogear/aerogear-parent.git && cd >> aerogear-parent && git checkout KeycloakBeta4 && mvn clean install >> cd .. >> git clone git@github.com:aerogear/aerogear-unifiedpush-server.git && cd >> aerogear-unifiedpush-server && git checkout KeycloakBeta4 && mvn clean >> install -Pwildfly -DskipTests=true -Dcheckstyle.skip=true >> >> cp databases/unifiedpush-h2-ds.xml $JBOSS_HOME/standalone/deployments >> cp auth-server/target/auth-server.war >> $JBOSS_HOME/standalone/deployments/ >> cp server/target/ag-push.war $JBOSS_HOME/standalone/deployments >> >> $JBOSS_HOME/bin/standalone.sh >> >> If you have an idea, let me know. >> >> -- >> >> abstractj >> PGP: 0x84DC9914 >> _______________________________________________ >> keycloak-dev mailing list >> keycloak-dev(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-dev >> > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-dev > _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev