Re: [keycloak-user] How do I set session variable upon first API hit?
by Renann Prado
On Feb 11, 2016 10:03, "Renann Prado" <prado.renann(a)gmail.com> wrote:
> Yes, it is a JEE application and I am using standard adapter.
> I thought about creating a servlet filter, but is this the right approach
> to take?
>
> Thanks
> On Feb 11, 2016 06:24, "Stian Thorgersen" <sthorger(a)redhat.com> wrote:
>
>> Assuming you're talking about an JEE application, why not just use a
>> servlet filter? Make it take a peek in the http session to check if the
>> variables are set, if not load from database and add them.
>>
>> On 11 February 2016 at 08:38, Renann Prado <darkness.renann(a)gmail.com>
>> wrote:
>>
>>> Basically I have some session variables that should be set upon first
>>> hit in the API (using bearer token). The requirement is that session
>>> variables will be dynamically loaded from the database and put into the
>>> http session before I actually process the request, so I can use the
>>> variables to process it.
>>>
>>> Thanks
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
8 years, 10 months
NullPointerException during deployment
by Renann Prado
I've been following keycloak guide, but I'm facing the below exception.
I'm trying to secure a WAR that is inside of an EAR, I've tried to add
below two dependencies in my pom.xml.
What am I missing?
*Wildfly version: *10.0.0.Final
*Keycloak version: *1.9.0.CR1
*Dependencies (tried in EAR and in WAR, no luck):*
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>1.9.0.CR1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-adapter-core</artifactId>
<version>1.9.0.CR1</version>
<scope>provided</scope>
</dependency>
*Subsystem configuration:*
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
<secure-deployment name="Test-web-1.0-SNAPSHOT.war">
<realm>TestRealm</realm>
<resource>test-resource</resource>
<realm-public-key>MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpxbZQMAf2NPcWCbdVWfu3JKEZ5PHuL+a5JTzyuln/wXpfhGPyCDS8rYDj2tf5lA8WQYoV8M5ip3DbCdL43wsW8/oJM/UOKn7mwy2x0OdW40bw1c8b1D6FveliIXwtovyw0EGCFn67qLdtHPLAlVvv5UXPIPFCakzdx1xS/6zgZ1uF2fzwLZpLh21M9XYNHQk6ui047+13Uf5H5yYQNLin8WluZ4JLfO8teVV9ARTqezVoZ5/+SNH4Mw+N1i7sGr13mzl51XvpFmm10Yx0dNiuy+WPA9xv1eNWcWgQWXxCEzDBenn59pmZ9JnTpoOqvZknmBGqyQPDqN9tJIWnWZKQIDAQAB</realm-public-key>
<auth-server-url>http://localhost:8082/auth</auth-server-url>
<ssl-required>none</ssl-required>
<credential name="secret">password</credential>
</secure-deployment>
</subsystem>
*Exception*
8:13:18,779 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-3)
MSC000001: Failed to start service
jboss.deployment.unit."Test-ear.ear".DEPENDENCIES:
org.jboss.msc.service.StartException in service
jboss.deployment.unit."Test-ear.ear".DEPENDENCIES: WFLYSRV0153: Failed to
process phase DEPENDENCIES of deployment "Test-ear.ear"
at
org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:154)
at
org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948)
at
org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.NullPointerException
at
org.keycloak.subsystem.adapter.extension.KeycloakDependencyProcessor.deploy(KeycloakDependencyProcessor.java:52)
at
org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:147)
... 5 more
18:13:18,784 ERROR [org.jboss.as.controller.management-operation]
(management-handler-thread - 2) WFLYCTL0013: Operation ("deploy") failed -
address: ([("deployment" => "Test-ear.ear")]) - failure description:
{"WFLYCTL0080: Failed services" =>
{"jboss.deployment.unit.\"Test-ear.ear\".DEPENDENCIES" =>
"org.jboss.msc.service.StartException in service
jboss.deployment.unit.\"Test-ear.ear\".DEPENDENCIES: WFLYSRV0153: Failed to
process phase DEPENDENCIES of deployment \"Test-ear.ear\"
Caused by: java.lang.NullPointerException"}}
18:13:18,786 ERROR [org.jboss.as.server] (management-handler-thread - 2)
WFLYSRV0021: Deploy of deployment "Test-ear.ear" was rolled back with the
following failure message:
{"WFLYCTL0080: Failed services" =>
{"jboss.deployment.unit.\"Test-ear.ear\".DEPENDENCIES" =>
"org.jboss.msc.service.StartException in service
jboss.deployment.unit.\"Test-ear.ear\".DEPENDENCIES: WFLYSRV0153: Failed to
process phase DEPENDENCIES of deployment \"Test-ear.ear\"
Caused by: java.lang.NullPointerException"}}
Renann Prado
8 years, 10 months
ldap federation provider
by chenkeong.yap@izeno.com
hi guys,
please assist to clarify. after adding ldap federation provider, is the password stored in keycloak database? if yes, is there anyway to prevent sync of password?
Regards,
CK Yap
8 years, 10 months
How do I set session variable upon first API hit?
by Renann Prado
Basically I have some session variables that should be set upon first hit
in the API (using bearer token). The requirement is that session variables
will be dynamically loaded from the database and put into the http session
before I actually process the request, so I can use the variables to
process it.
Thanks
8 years, 10 months
What's the point of creating roles per realm and client?
by Renann Prado
I'm pretty new to keycloak. Amazing application btw.
It's working very well, however I found strange/confusing that I have to
create roles in the level of the realm, then per client and then assign to
each user.
What I mean is: why don't we have the roles created in the level of the
realm and then we just assign per application user or is there an option to
make that happen?
Otherwise I have to keep creating roles for all clients, then assigning for
all users. In my case there aren't many users/roles/applications, so it's
fine. But it would be nice to know how to do that.
Thanks
Renann Prado
8 years, 10 months
Create user + keycloak-admin-client
by Charles Queiroz
Hi folks,
I’m trying programmatically add user in keycloak server using the admin client (version 1.8.0.RC3) like this post show (link: http://www.first8.nl/blog/programmatically-adding-users-in-keycloak/ <http://www.first8.nl/blog/programmatically-adding-users-in-keycloak/> ), but no success yet! ;(
The Steps:
1 - Add dependence on pom.xml like:
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-admin-client</artifactId>
<version>1.8.0.CR3</version>
</dependency>
2 - Implement the method body like:
public User save(User user) {
Keycloak kc = Keycloak.getInstance("http://localhost:8080/auth", "forum", “admin", “admin", "security-admin-console");
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(user.getPassword());
UserRepresentation newUser = new UserRepresentation();
newUser.setUsername(user.getLogin());
newUser.setFirstName(user.getName());
newUser.setCredentials(Arrays.asList(credential));
kc.realm("forum").users().create(newUser);
User saved = repository.save(user);
savedUser.fire(saved);
return saved;
}
When I run the app, the exception thrown is:
20:46:03,583 DEBUG [org.apache.http.impl.conn.DefaultClientConnection] (default task-14) Sending request: POST /auth/realms/forum/protocol/openid-connect/token HTTP/1.1
20:46:03,584 DEBUG [org.apache.http.wire] (default task-14) >> "POST /auth/realms/forum/protocol/openid-connect/token HTTP/1.1[\r][\n]"
20:46:03,585 DEBUG [org.apache.http.wire] (default task-14) >> "Accept: application/json[\r][\n]"
20:46:03,587 DEBUG [org.apache.http.wire] (default task-14) >> "Accept-Encoding: gzip, deflate[\r][\n]"
20:46:03,589 DEBUG [org.apache.http.wire] (default task-14) >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
20:46:03,591 DEBUG [org.apache.http.wire] (default task-14) >> "Content-Length: 82[\r][\n]"
20:46:03,592 DEBUG [org.apache.http.wire] (default task-14) >> "Host: localhost:8080[\r][\n]"
20:46:03,594 DEBUG [org.apache.http.wire] (default task-14) >> "Connection: Keep-Alive[\r][\n]"
20:46:03,596 DEBUG [org.apache.http.wire] (default task-14) >> "[\r][\n]"
20:46:03,598 DEBUG [org.apache.http.headers] (default task-14) >> POST /auth/realms/forum/protocol/openid-connect/token HTTP/1.1
20:46:03,599 DEBUG [org.apache.http.headers] (default task-14) >> Accept: application/json
20:46:03,601 DEBUG [org.apache.http.headers] (default task-14) >> Accept-Encoding: gzip, deflate
20:46:03,602 DEBUG [org.apache.http.headers] (default task-14) >> Content-Type: application/x-www-form-urlencoded
20:46:03,604 DEBUG [org.apache.http.headers] (default task-14) >> Content-Length: 82
20:46:03,605 DEBUG [org.apache.http.headers] (default task-14) >> Host: localhost:8080
20:46:03,606 DEBUG [org.apache.http.headers] (default task-14) >> Connection: Keep-Alive
20:46:03,610 DEBUG [org.apache.http.wire] (default task-14) >> "grant_type=password&username=admin&password=admin&client_id=security-admin-console"
20:46:03,612 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-15) RESTEASY002315: PathInfo: /realms/forum/protocol/openid-connect/token
20:46:03,614 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) AUTHENTICATE CLIENT
20:46:03,614 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) client authenticator: client-secret
20:46:03,614 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) client authenticator SUCCESS: client-secret
20:46:03,614 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) Client security-admin-console authenticated by client-secret
20:46:03,615 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) AUTHENTICATE ONLY
20:46:03,615 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) processFlow
20:46:03,615 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) check execution: direct-grant-validate-username requirement: REQUIRED
20:46:03,616 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator: direct-grant-validate-username
20:46:03,616 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) invoke authenticator.authenticate
20:46:03,617 FINE [org.mongodb.driver.protocol.query] (default task-15) Sending query of namespace forum.users on connection [connectionId{localValue:2, serverValue:184}] to server 127.0.0.1:27017
20:46:03,617 FINE [org.mongodb.driver.protocol.query] (default task-15) Query completed
20:46:03,618 WARN [org.keycloak.events] (default task-15) type=LOGIN_ERROR, realmId=forum, clientId=security-admin-console, userId=null, ipAddress=127.0.0.1, error=invalid_user_credentials, auth_method=openid-connect, grant_type=password, client_auth_method=client-secret, username=admin
20:46:03,619 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator FAILED: direct-grant-validate-username
20:46:03,624 DEBUG [org.apache.http.wire] (default task-14) << "HTTP/1.1 401 Unauthorized[\r][\n]"
20:46:03,627 DEBUG [org.apache.http.wire] (default task-14) << "Connection: keep-alive[\r][\n]"
20:46:03,629 DEBUG [org.apache.http.wire] (default task-14) << "X-Powered-By: Undertow/1[\r][\n]"
20:46:03,631 DEBUG [org.apache.http.wire] (default task-14) << "Server: WildFly/10[\r][\n]"
20:46:03,632 DEBUG [org.apache.http.wire] (default task-14) << "Transfer-Encoding: chunked[\r][\n]"
20:46:03,634 DEBUG [org.apache.http.wire] (default task-14) << "Content-Type: application/json[\r][\n]"
20:46:03,636 DEBUG [org.apache.http.wire] (default task-14) << "Date: Wed, 10 Feb 2016 23:46:03 GMT[\r][\n]"
20:46:03,637 DEBUG [org.apache.http.wire] (default task-14) << "[\r][\n]"
20:46:03,639 DEBUG [org.apache.http.impl.conn.DefaultClientConnection] (default task-14) Receiving response: HTTP/1.1 401 Unauthorized
20:46:03,640 DEBUG [org.apache.http.headers] (default task-14) << HTTP/1.1 401 Unauthorized
20:46:03,642 DEBUG [org.apache.http.headers] (default task-14) << Connection: keep-alive
20:46:03,643 DEBUG [org.apache.http.headers] (default task-14) << X-Powered-By: Undertow/1
20:46:03,645 DEBUG [org.apache.http.headers] (default task-14) << Server: WildFly/10
20:46:03,646 DEBUG [org.apache.http.headers] (default task-14) << Transfer-Encoding: chunked
20:46:03,647 DEBUG [org.apache.http.headers] (default task-14) << Content-Type: application/json
20:46:03,649 DEBUG [org.apache.http.headers] (default task-14) << Date: Wed, 10 Feb 2016 23:46:03 GMT
20:46:03,651 DEBUG [org.apache.http.impl.client.DefaultHttpClient] (default task-14) Connection can be kept alive indefinitely
20:46:03,653 DEBUG [org.apache.http.impl.client.DefaultHttpClient] (default task-14) Authentication required
20:46:03,654 DEBUG [org.apache.http.impl.client.DefaultHttpClient] (default task-14) localhost:8080 requested authentication
20:46:03,656 DEBUG [org.apache.http.impl.client.DefaultHttpClient] (default task-14) Response contains no authentication challenges
20:46:03,665 DEBUG [org.apache.http.wire] (default task-14) << "48[\r][\n]"
20:46:03,667 DEBUG [org.apache.http.wire] (default task-14) << "{"error_description":"Invalid user credentials","error":"invalid_grant"}"
20:46:03,668 DEBUG [org.apache.http.wire] (default task-14) << "[\r][\n]"
20:46:03,670 DEBUG [org.apache.http.wire] (default task-14) << "0[\r][\n]"
20:46:03,671 DEBUG [org.apache.http.wire] (default task-14) << "[\r][\n]"
20:46:03,673 DEBUG [org.apache.http.impl.conn.BasicClientConnectionManager] (default task-14) Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@1d6c4f71
20:46:03,675 DEBUG [org.apache.http.impl.conn.BasicClientConnectionManager] (default task-14) Connection can be kept alive indefinitely
20:46:11,315 DEBUG [org.jboss.as.jpa] (default task-14) default task-14:transaction scoped EntityManager [forum.war#ForumPU]: closing entity managersession
20:46:11,315 DEBUG [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] (default task-14) Initiating JDBC connection release from afterTransaction
20:46:11,316 ERROR [org.jboss.as.ejb3.invocation] (default task-14) WFLYEJB0034: EJB Invocation failed on component UserRestEndpoint for method public javax.ws.rs.core.Response br.com.projetolead.forum.integration.rest.UserRestEndpoint.save(br.com.projetolead.forum.model.User,javax.servlet.http.HttpServletRequest) throws java.io.IOException: javax.ejb.EJBException: javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
at org.jboss.as.ejb3.tx.CMTTxInterceptor.handleExceptionInOurTx(CMTTxInterceptor.java:187)
------
but, when I change the user to charles (no admin user. login: charles, password: java) the error is:
------
20:41:18,314 DEBUG [org.apache.http.impl.conn.DefaultClientConnection] (default task-14) Sending request: POST /auth/realms/forum/protocol/openid-connect/token HTTP/1.1
20:41:18,315 DEBUG [org.apache.http.wire] (default task-14) >> "POST /auth/realms/forum/protocol/openid-connect/token HTTP/1.1[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "Accept: application/json[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "Accept-Encoding: gzip, deflate[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "Content-Length: 83[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "Host: localhost:8080[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "Connection: Keep-Alive[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "[\r][\n]"
20:41:18,316 DEBUG [org.apache.http.headers] (default task-14) >> POST /auth/realms/forum/protocol/openid-connect/token HTTP/1.1
20:41:18,316 DEBUG [org.apache.http.headers] (default task-14) >> Accept: application/json
20:41:18,316 DEBUG [org.apache.http.headers] (default task-14) >> Accept-Encoding: gzip, deflate
20:41:18,316 DEBUG [org.apache.http.headers] (default task-14) >> Content-Type: application/x-www-form-urlencoded
20:41:18,316 DEBUG [org.apache.http.headers] (default task-14) >> Content-Length: 83
20:41:18,316 DEBUG [org.apache.http.headers] (default task-14) >> Host: localhost:8080
20:41:18,316 DEBUG [org.apache.http.headers] (default task-14) >> Connection: Keep-Alive
20:41:18,316 DEBUG [org.apache.http.wire] (default task-14) >> "grant_type=password&username=charles&password=java&client_id=security-admin-console"
20:41:18,318 DEBUG [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-15) RESTEASY002315: PathInfo: /realms/forum/protocol/openid-connect/token
20:41:18,320 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) AUTHENTICATE CLIENT
20:41:18,320 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) client authenticator: client-secret
20:41:18,320 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) client authenticator SUCCESS: client-secret
20:41:18,320 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) Client security-admin-console authenticated by client-secret
20:41:18,321 DEBUG [org.keycloak.authentication.AuthenticationProcessor] (default task-15) AUTHENTICATE ONLY
20:41:18,321 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) processFlow
20:41:18,321 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) check execution: direct-grant-validate-username requirement: REQUIRED
20:41:18,322 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator: direct-grant-validate-username
20:41:18,322 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) invoke authenticator.authenticate
20:41:18,322 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator SUCCESS: direct-grant-validate-username
20:41:18,322 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) check execution: direct-grant-validate-password requirement: REQUIRED
20:41:18,322 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator: direct-grant-validate-password
20:41:18,322 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) invoke authenticator.authenticate
20:41:18,323 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator SUCCESS: direct-grant-validate-password
20:41:18,323 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) check execution: direct-grant-validate-otp requirement: OPTIONAL
20:41:18,323 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator: direct-grant-validate-otp
20:41:18,323 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) invoke authenticator.authenticate
20:41:18,323 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-15) authenticator ATTEMPTED: direct-grant-validate-otp
20:41:18,360 DEBUG [org.keycloak.events] (default task-15) type=LOGIN, realmId=forum, clientId=security-admin-console, userId=f785e600-124c-4e26-914e-2c4f6ec9c95b, ipAddress=127.0.0.1, auth_method=openid-connect, token_id=4dd8bbcb-e771-4652-8711-b2c0937bb8fe, grant_type=password, refresh_token_type=Refresh, refresh_token_id=c0e58e55-9edc-4940-9ff4-52a5a5a9f577, client_auth_method=client-secret, username=charles
20:41:18,363 DEBUG [org.apache.http.wire] (default task-14) << "HTTP/1.1 200 OK[\r][\n]"
20:41:18,363 DEBUG [org.apache.http.wire] (default task-14) << "Connection: keep-alive[\r][\n]"
20:41:18,364 DEBUG [org.apache.http.wire] (default task-14) << "X-Powered-By: Undertow/1[\r][\n]"
20:41:18,364 DEBUG [org.apache.http.wire] (default task-14) << "Server: WildFly/10[\r][\n]"
20:41:18,364 DEBUG [org.apache.http.wire] (default task-14) << "Transfer-Encoding: chunked[\r][\n]"
20:41:18,364 DEBUG [org.apache.http.wire] (default task-14) << "Content-Type: application/json[\r][\n]"
20:41:18,364 DEBUG [org.apache.http.wire] (default task-14) << "Date: Wed, 10 Feb 2016 23:41:18 GMT[\r][\n]"
20:41:18,364 DEBUG [org.apache.http.wire] (default task-14) << "[\r][\n]"
20:41:18,364 DEBUG [org.apache.http.impl.conn.DefaultClientConnection] (default task-14) Receiving response: HTTP/1.1 200 OK
20:41:18,364 DEBUG [org.apache.http.headers] (default task-14) << HTTP/1.1 200 OK
20:41:18,364 DEBUG [org.apache.http.headers] (default task-14) << Connection: keep-alive
20:41:18,364 DEBUG [org.apache.http.headers] (default task-14) << X-Powered-By: Undertow/1
20:41:18,364 DEBUG [org.apache.http.headers] (default task-14) << Server: WildFly/10
20:41:18,364 DEBUG [org.apache.http.headers] (default task-14) << Transfer-Encoding: chunked
20:41:18,364 DEBUG [org.apache.http.headers] (default task-14) << Content-Type: application/json
20:41:18,364 DEBUG [org.apache.http.headers] (default task-14) << Date: Wed, 10 Feb 2016 23:41:18 GMT
20:41:18,364 DEBUG [org.apache.http.impl.client.DefaultHttpClient] (default task-14) Connection can be kept alive indefinitely
20:41:18,386 DEBUG [org.apache.http.wire] (default task-14) << "0ed6[\r][\n]"
20:41:18,386 DEBUG [org.apache.http.wire] (default task-14) << "{"access_token":"eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI0ZGQ4YmJjYi1lNzcxLTQ2NTItODcxMS1iMmMwOTM3YmI4ZmUiLCJleHAiOjE0NTUxNDc5NzgsIm5iZiI6MCwiaWF0IjoxNDU1MTQ3Njc4LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvYXV0aC9yZWFsbXMvZm9ydW0iLCJhdWQiOiJzZWN1cml0eS1hZG1pbi1jb25zb2xlIiwic3ViIjoiZjc4NWU2MDAtMTI0Yy00ZTI2LTkxNGUtMmM0ZjZlYzljOTViIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoic2VjdXJpdHktYWRtaW4tY29uc29sZSIsInNlc3Npb25fc3RhdGUiOiIyYzkwMDMzOS1mNjNhLTQ4MGItYjJiZS0wZjZmNDlkNDc3MmYiLCJjbGllbnRfc2Vzc2lvbiI6IjE4YTlhNDQ1LTVkMWMtNGYyZi1iNmYxLTI0NDdkZGQzYzAxNSIsImFsbG93ZWQtb3JpZ2lucyI6W10sInJlc291cmNlX2FjY2VzcyI6eyJyZWFsbS1tYW5hZ2VtZW50Ijp7InJvbGVzIjpbInZpZXctaWRlbnRpdHktcHJvdmlkZXJzIiwidmlldy1yZWFsbSIsIm1hbmFnZS1pZGVudGl0eS1wcm92aWRlcnMiLCJpbXBlcnNvbmF0aW9uIiwicmVhbG0tYWRtaW4iLCJjcmVhdGUtY2xpZW50IiwibWFuYWdlLXVzZXJzIiwibWFuYWdlLWV2ZW50cyIsIm1hbmFnZS1yZWFsbSIsInZpZXctZXZlbnRzIiwidmlldy11c2VycyIsInZpZXctY2xpZW50cyIsIm1hbmFnZS1jbGllbnRzIl19fSwibmFtZSI6IkNoYXJsZXMgUXVlaXJveiIsInByZWZlcnJlZF91c2VybmFtZSI6ImNoYXJsZXMiLCJnaXZlbl9uYW1lIjoiQ2hhcmxlcyIsImxvY2FsZSI6InB0LUJSIiwiZmFtaWx5X25hbWUiOiJRdWVpcm96IiwiZW1haWwiOiJjaGFybGVzQGRhemVuLmNvbSJ9.bDRa_LxZeClP3k8GpcZPabZFcZA2oizTWdv-11xsUOutGx6zcP50EogkCfgFOyIsF0LCmTFOoqgBIS1XA8lFAImmCmxad6kOi7Jv1vxt-7YvxauxQdppDmKa10QTV-Za46QQEMyEjxT6o3AuCi-clxUUfLmKE7PVXmZeB07ejABoEKRZhEJVDHo3u-O1G_hjtwuH1DDkwLpgsEWBRYJ-_Dh-vKupgXxuckduelhbasLdiSXhJwdmVfY2Johfyk6WxVEViuigoLi8qe6y0KNbcyt3Vtf_t_9y7dvyGZZaM_9WLzwr29yR-91uM0rcr0V_B3W0MAwSXLFV5c1nEn03Pg","expires_in":300,"refresh_expires_in":1800,"refresh_token":"eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJjMGU1OGU1NS05ZWRjLTQ5NDAtOWZmNC01MmE1YTVhOWY1NzciLCJleHAiOjE0NTUxNDk0NzgsIm5iZiI6MCwiaWF0IjoxNDU1MTQ3Njc4LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvYXV0aC9yZWFsbXMvZm9ydW0iLCJhdWQiOm51bGwsInN1YiI6ImY3ODVlNjAwLTEyNGMtNGUyNi05MTRlLTJjNGY2ZWM5Yzk1YiIsInR5cCI6IlJlZnJlc2giLCJhenAiOiJzZWN1cml0eS1hZG1pbi1jb25zb2xlIiwic2Vzc2lvbl9zdGF0ZSI6IjJjOTAwMzM5LWY2M2EtNDgwYi1iMmJlLTBmNmY0OWQ0NzcyZiIsImNsaWVudF9zZXNzaW9uIjoiMThhOWE0NDUtNWQxYy00ZjJmLWI2ZjEtMjQ0N2RkZDNjMDE1IiwicmVzb3VyY2VfYWNjZXNzIjp7InJlYWxtLW1hbmFnZW1lbnQiOnsicm9sZXMiOlsidmlldy1pZGVudGl0eS1wcm92aWRlcnMiLCJ2aWV3LXJlYWxtIiwibWFuYWdlLWlkZW50aXR5LXByb3ZpZGVycyIsImltcGVyc29uYXRpb24iLCJyZWFsbS1hZG1pbiIsImNyZWF0ZS1jbGllbnQiLCJtYW5hZ2UtdXNlcnMiLCJtYW5hZ2UtZXZlbnRzIiwibWFuYWdlLXJlYWxtIiwidmlldy1ldmVudHMiLCJ2aWV3LXVzZXJzIiwidmlldy1jbGllbnRzIiwibWFuYWdlLWNsaWVudHMiXX19fQ.MPwbo7nnYspbbgAzWt2Z5ozWaMpP0ONI5WKAR-A8GkrrjYXTyJZk9mDLxHxUVaINboesSAhTd_RO4-g0k6yK8YOQLetztdl-YJxIUnVZQmCFdPwBOkty2Azmcib7mNI2eJWvUdFAIvpRhWt-2_P03DXAE0sAN4oS48HocQxKD2ZMHkB_rDWwKX313l_wFxUkW5T9tOv93jMHFx8k6dGV5GWVEH6-fuw4K5k-zUGRxKrBsQaCxJrpmjxXsx2gFqoYgU8PnRk2ReqblEIxC4fQfMk0SsW0Hm77_I0YaPMPW-yn4eULm31yYqnWOphZhtNmybMgi2Y8iJ_Q2yqCU2iJkw","token_type":"bearer","id_token":"eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI5YWM5M2UxNy1jMGJiLTQyZDYtYWM2Mi1kYmVhNWU0NmJmMWQiLCJleHAiOjE0NTUxNDc5NzgsIm5iZiI6MCwiaWF0IjoxNDU1MTQ3Njc4LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvYXV0aC9yZWFsbXMvZm9ydW0iLCJhdWQiOiJzZWN1cml0eS1hZG1pbi1jb25zb2xlIiwic3ViIjoiZjc4NWU2MDAtMTI0Yy00ZTI2LTkxNGUtMmM0ZjZlYzljOTViIiwidHlwIjoiSUQiLCJhenAiOiJzZWN1cml0eS1hZG1pbi1jb25zb2xlIiwic2Vzc2lvbl9zdGF0ZSI6IjJjOTAwMzM5LWY2M2EtNDgwYi1iMmJlLTBmNmY0OWQ0NzcyZiIsIm5hbWUiOiJDaGFybGVzIFF1ZWlyb3oiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJjaGFybGVzIiwiZ2l2ZW5fbmFtZSI6IkNoYXJsZXMiLCJsb2NhbGUiOiJwdC1CUiIsImZhbWlseV9uYW1lIjoiUXVlaXJveiIsImVtYWlsIjoiY2hhcmxlc0BkYXplbi5jb20ifQ.YxeYJ9cKFyDRQ1YyJbwflQSr-n8l9nW1ORsvQbWo1XYfd6UqiUJlSsygIg4JqFIJGfCU_X8DJcV5HmdOtt90IHqW0_Oc6P8ZvVA1UdGEcoWlVBi88Hd_dIGC3WgyaE4WdOW1KC6nh3Eba2KmdUPQQ3xRKYXd9-pxmE2DwDrHZtONd8EaqTeK4J8vE34Jr_BQyNdv9yGztUh73AGVXAeVk4MqKBRAVmcod_eYOpaaf2OfQwaHQZpskwVqrEIIffyXmIMwD1MbmIP4tMPdMnNBK7bzNO-Qx7VTgWOuTu-VRQQoH0-fXetJdxKb5O1_2G7qCi_CYLeolh2DbIWswM6bag","not-before-policy":0,"session-state":"2c900339-f63a-480b-b2be-0f6f49d4772f"}"
20:41:18,409 DEBUG [org.apache.http.wire] (default task-14) << "[\r][\n]"
20:41:18,409 DEBUG [org.apache.http.wire] (default task-14) << "0[\r][\n]"
20:41:18,409 DEBUG [org.apache.http.wire] (default task-14) << "[\r][\n]"
20:41:18,409 DEBUG [org.apache.http.impl.conn.BasicClientConnectionManager] (default task-14) Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@24993c5f
20:41:18,409 DEBUG [org.apache.http.impl.conn.BasicClientConnectionManager] (default task-14) Connection can be kept alive indefinitely
20:41:18,413 DEBUG [org.jboss.as.jpa] (default task-14) default task-14:transaction scoped EntityManager [forum.war#ForumPU]: closing entity managersession
20:41:18,414 DEBUG [org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl] (default task-14) Initiating JDBC connection release from afterTransaction
20:41:18,414 ERROR [org.jboss.as.ejb3.invocation] (default task-14) WFLYEJB0034: EJB Invocation failed on component UserRestEndpoint for method public javax.ws.rs.core.Response br.com.projetolead.forum.integration.rest.UserRestEndpoint.save(br.com.projetolead.forum.model.User,javax.servlet.http.HttpServletRequest) throws java.io.IOException: javax.ejb.EJBException: javax.ws.rs.client.ResponseProcessingException: javax.ws.rs.ProcessingException: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "access_token" (class org.keycloak.representations.AccessTokenResponse), not marked as ignorable (9 known properties: "notBeforePolicy", "otherClaims", "tokenType", "token", "expiresIn", "sessionState", "refreshExpiresIn", "idToken", "refreshToken"])
at [Source: org.apache.http.conn.EofSensorInputStream@5af6ffba; line: 1, column: 18] (through reference chain: org.keycloak.representations.AccessTokenResponse["access_token”])
------
Where is the problem?
Atenciosamente,
Charles Queiroz
Dazen™ IT Services
Technology - Software Development
charles(a)dazen.com.br <mailto:charles@dazen.com.br>
Fortaleza - CE
Phone: +55 85 9933 1585
Twitter: @CharlesQueiiroz
8 years, 10 months
angularjs ng2 sample
by Matuszak, Eduard
Hello
We are adviced to implement the GUI of a new project with angularjs ng2. There is an inspiring sample (https://github.com/keycloak/keycloak/tree/master/examples/demo-template/a...) for using keycloak.js-library in colaboration with the older angular version. Do you intend to publish a comparable example based on ng2 in the near future? This would be very helpful.
Thanks in advance for your feedback, Eduard Matuszak
Dr. Eduard Matuszak
Worldline, an atos company
T +49 (211)399 398 63
M +49 (163)166 23 67
F +49(211) 399 22 430
eduard.matuszak(a)atos.net<mailto:eduard.matuszak@atos.net>
Max-Stromeyer-Straße 116
78467 Konstanz
Germany
de.worldline.com<http://worldline.com/de/1/Home.html>
worldline.jobs.de<http://worldline.jobs.de>
facebook.com/WorldlineKarriere<http://www.facebook.com/WorldlineKarriere>
Worldline GmbH
Geschäftsführer: Wolf Kunisch
Aufsichtsratsvorsitzender: Christophe Duquenne
Sitz der Gesellschaft: Frankfurt/Main
Handelsregister: Frankfurt/Main HRB 40 417
* * * * * * * * L E G A L D I S C L A I M E R * * * * * * * *
This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail by error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavors to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and shall not be liable for any damages resulting from any virus transmitted.
* * * * * * * * L E G A L D I S C L A I M E R * * * * * * * *
8 years, 10 months
Keycloak clustering in AWS
by Riddhi Rathod
I am trying to setup keycloak cluster with a shared database in AWS environment. I followed all steps mentioned on this link: http://keycloak.github.io/docs/userguide/keycloak-server/html/clustering....
Keycloak nodes are AWS EC2 and shared database is AWS RDS. How does the keycloak instances identify each other in cluster in AWS (how does multicast work in a AWS VPC)?
Has anyone tried this before? Any references or things to take care of list would be great.
Thank you,
Riddhi Rathod
8 years, 10 months
spring security getting username
by Jeremy Simon
Hi,
I can't seem to get my user's name using the keycloak adaptor for
spring security. I have a rest controller that i'm trying this chunk
of code:
...
Authentication KeyCloakAuth =
SecurityContextHolder.getContext().getAuthentication();
KeycloakAccount keyAccount = ((KeycloakAuthenticationToken)
KeyCloakAuth).getAccount();
String username1 = keyAccount.getPrincipal().getName()
String username2 =
SecurityContextHolder.getContext().getAuthentication().getName()
KeycloakPrincipal<?> prince = (KeycloakPrincipal<?>)
((KeycloakAuthenticationToken) KeyCloakAuth).getPrincipal();
String username3 = prince.getName();
...
username1, username2, username3 will have something like this:
aa5f6e42-9463-4862-a750-bd0c092daf11
I gleaned this from some stackoverflow examples that claimed these
approached worked... There something I don't have set right?
jeremy
jeremy(a)jeremysimon.com
www.JeremySimon.com
8 years, 10 months
