Ideas for the JavaOne's KeyCloak Hackergarten
by Sebastien Blanc
Hi!
Next week I will be at JavaOne, during the week I will have the privilege
to lead for an afternoon the hackergarten area. For sure, I would like to
bring up the KeyCloak project (along with Forge and maybe Swarm).
For those who don't know what a hackergarten is: http://hackergarten.net/
So, do we have any JIRAs, docs, tests missing that would fit for a 3-hour
hacker session?
My own ideas:
- Work on the Keycloak Forge Addon: Create Clients from Forge etc.
- Start exploring a Keycloak Go Adapter
- Polish Java Adapter Documentation
I wait for your ideas!
Sebi
8 years, 3 months
Error Failed to find provider infinispan for realmCache
by Aman Jaiswal
Hi, I am getting the following error when trying to integrate Infinispan with
Keycloak:
/home/ubuntu/keycloak/keycloak-2.1.0.Final/bin/standalone.sh
--server-config=standalone-ha.xml -b=$ip -Djava.net.preferIPv4Stack=true
-Djboss.default.jgroups.stack=s3 -Djgroups.s3.bucket=keycloak-dev
-Djgroups.s3.access_key=AKIAJLZZOFCWT37CYAXQ
-Djgroups.s3.secret_access_key=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
-Djgroups.management.address=$ipkeycloakdevadmin
=========================================================================
JBoss Bootstrap Environment
JBOSS_HOME: /home/ubuntu/keycloak/keycloak-2.1.0.Final
JAVA: java
JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M
-XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true
-Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
=========================================================================
16:16:59,292 INFO [org.jboss.modules] (main) JBoss Modules version
1.5.1.Final
16:16:59,556 INFO [org.jboss.msc] (main) JBoss MSC version 1.2.6.Final
16:16:59,648 INFO [org.jboss.as] (MSC service thread 1-3) WFLYSRV0049:
Keycloak 2.1.0.Final (WildFly Core 2.0.10.Final) starting
16:17:01,235 INFO [org.jboss.as.controller.management-deprecated]
(ServerService Thread Pool -- 16) WFLYCTL0028: Attribute 'default-stack' in
the resource at address '/subsystem=jgroups' is deprecated, and may be
removed in future version. See the attribute description in the output of
the read-resource-description operation to learn more about the deprecation.
16:17:01,618 INFO [org.jboss.as.server] (Controller Boot Thread)
WFLYSRV0039: Creating http management service using socket-binding
(management-http)
16:17:01,647 INFO [org.xnio] (MSC service thread 1-2) XNIO version
3.3.4.Final
16:17:01,674 INFO [org.xnio.nio] (MSC service thread 1-2) XNIO NIO
Implementation Version 3.3.4.Final
16:17:01,740 INFO [org.jboss.remoting] (MSC service thread 1-2) JBoss
Remoting version 4.0.18.Final
16:17:01,786 INFO [org.jboss.as.connector.subsystems.datasources]
(ServerService Thread Pool -- 35) WFLYJCA0004: Deploying JDBC-compliant
driver class org.h2.Driver (version 1.3)
16:17:01,792 INFO [org.jboss.as.clustering.infinispan] (ServerService
Thread Pool -- 39) WFLYCLINF0001: Activating Infinispan subsystem.
16:17:01,794 INFO [org.wildfly.extension.io] (ServerService Thread Pool --
38) WFLYIO001: Worker 'default' has auto-configured to 4 core threads with
32 task threads based on your 2 available processors
16:17:01,811 INFO [org.jboss.as.connector.subsystems.datasources]
(ServerService Thread Pool -- 35) WFLYJCA0005: Deploying non-JDBC-compliant
driver class com.mysql.jdbc.Driver (version 5.1)
16:17:01,846 INFO [org.jboss.as.clustering.jgroups] (ServerService Thread
Pool -- 43) WFLYCLJG0001: Activating JGroups subsystem.
16:17:01,875 INFO [org.jboss.as.jsf] (ServerService Thread Pool -- 46)
WFLYJSF0007: Activated the following JSF Implementations: [main]
16:17:01,901 INFO [org.jboss.as.connector] (MSC service thread 1-3)
WFLYJCA0009: Starting JCA Subsystem (WildFly/IronJacamar 1.3.2.Final)
16:17:01,907 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service
thread 1-3) WFLYJCA0018: Started Driver service with driver-name = mysql
16:17:01,908 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service
thread 1-3) WFLYJCA0018: Started Driver service with driver-name = h2
16:17:01,912 INFO [org.jboss.as.naming] (ServerService Thread Pool -- 49)
WFLYNAM0001: Activating Naming Subsystem
16:17:02,026 INFO [org.jboss.as.security] (ServerService Thread Pool --
56) WFLYSEC0002: Activating Security Subsystem
16:17:02,050 INFO [org.jboss.as.webservices] (ServerService Thread Pool --
59) WFLYWS0002: Activating WebServices Extension
16:17:02,066 INFO [org.jboss.as.security] (MSC service thread 1-3)
WFLYSEC0001: Current PicketBox version=4.9.4.Final
16:17:02,072 INFO [org.wildfly.extension.undertow] (ServerService Thread
Pool -- 58) WFLYUT0003: Undertow 1.3.15.Final starting
16:17:02,078 INFO [org.wildfly.extension.undertow] (MSC service thread
1-4) WFLYUT0003: Undertow 1.3.15.Final starting
16:17:02,112 INFO [org.jboss.as.naming] (MSC service thread 1-4)
WFLYNAM0003: Starting Naming Service
16:17:02,113 INFO [org.jboss.as.mail.extension] (MSC service thread 1-4)
WFLYMAIL0001: Bound mail session [java:jboss/mail/Default]
16:17:02,394 INFO [org.wildfly.extension.undertow] (ServerService Thread
Pool -- 58) WFLYUT0014: Creating file handler for path
'/home/ubuntu/keycloak/keycloak-2.1.0.Final/welcome-content' with options
[directory-listing: 'false', follow-symlink: 'false', case-sensitive:
'true', safe-symlink-paths: '[]']
16:17:02,404 INFO [org.wildfly.extension.undertow] (MSC service thread
1-1) WFLYUT0012: Started server default-server.
16:17:02,442 INFO [org.wildfly.extension.undertow] (MSC service thread
1-4) WFLYUT0018: Host default-host starting
16:17:02,515 INFO [org.wildfly.extension.undertow] (MSC service thread
1-3) WFLYUT0006: Undertow HTTP listener default listening on 10.1.3.93:8080
16:17:02,523 INFO [org.wildfly.extension.undertow] (MSC service thread
1-1) WFLYUT0006: Undertow AJP listener ajp listening on 10.1.3.93:8009
16:17:02,527 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 62)
MODCLUSTER000001: Initializing mod_cluster version 1.3.1.Final
16:17:02,542 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 62)
MODCLUSTER000032: Listening to proxy advertisements on /224.0.1.105:23364
16:17:03,071 INFO [org.jboss.as.connector.subsystems.datasources] (MSC
service thread 1-2) WFLYJCA0001: Bound data source
[java:jboss/datasources/KeycloakDS]
16:17:03,304 INFO [org.jboss.as.server.deployment] (MSC service thread
1-3) WFLYSRV0027: Starting deployment of "keycloak-server.war"
(runtime-name: "keycloak-server.war")
16:17:03,627 INFO [org.jboss.ws.common.management] (MSC service thread
1-1) JBWS022052: Starting JBossWS 5.1.3.Final (Apache CXF 3.1.4)
16:17:08,079 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-4) ISPN000078: Starting JGroups channel keycloak
16:17:08,080 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-1) ISPN000078: Starting JGroups channel server
16:17:08,081 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-3) ISPN000078: Starting JGroups channel hibernate
16:17:08,081 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-2) ISPN000078: Starting JGroups channel web
16:17:08,096 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-4) ISPN000094: Received new cluster view for channel keycloak:
[ip-10-1-3-93|0] (1) [ip-10-1-3-93]
16:17:08,096 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-1) ISPN000094: Received new cluster view for channel server:
[ip-10-1-3-93|0] (1) [ip-10-1-3-93]
16:17:08,096 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-3) ISPN000094: Received new cluster view for channel hibernate:
[ip-10-1-3-93|0] (1) [ip-10-1-3-93]
16:17:08,098 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-2) ISPN000094: Received new cluster view for channel web:
[ip-10-1-3-93|0] (1) [ip-10-1-3-93]
16:17:08,101 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-3) ISPN000079: Channel hibernate local address is ip-10-1-3-93,
physical addresses are [10.1.3.93:55200]
16:17:08,102 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-1) ISPN000079: Channel server local address is ip-10-1-3-93,
physical addresses are [10.1.3.93:55200]
16:17:08,105 INFO [org.infinispan.factories.GlobalComponentRegistry] (MSC
service thread 1-3) ISPN000128: Infinispan version: Infinispan 'Mahou'
8.1.0.Final
16:17:08,108 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-2) ISPN000079: Channel web local address is ip-10-1-3-93, physical
addresses are [10.1.3.93:55200]
16:17:08,108 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-4) ISPN000079: Channel keycloak local address is ip-10-1-3-93,
physical addresses are [10.1.3.93:55200]
16:17:08,147 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-3) ISPN000078: Starting JGroups channel ejb
16:17:08,150 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-3) ISPN000094: Received new cluster view for channel ejb:
[ip-10-1-3-93|0] (1) [ip-10-1-3-93]
16:17:08,150 INFO
[org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service
thread 1-3) ISPN000079: Channel ejb local address is ip-10-1-3-93, physical
addresses are [10.1.3.93:55200]
16:17:08,473 INFO [org.jboss.as.clustering.infinispan] (ServerService
Thread Pool -- 67) WFLYCLINF0002: Started work cache from keycloak container
16:17:08,482 INFO [org.jboss.as.clustering.infinispan] (ServerService
Thread Pool -- 65) WFLYCLINF0002: Started realms cache from keycloak
container
16:17:08,487 INFO [org.jboss.as.clustering.infinispan] (ServerService
Thread Pool -- 64) WFLYCLINF0002: Started offlineSessions cache from
keycloak container
16:17:08,491 INFO [org.jboss.as.clustering.infinispan] (ServerService
Thread Pool -- 66) WFLYCLINF0002: Started loginFailures cache from keycloak
container
16:17:08,492 INFO [org.jboss.as.clustering.infinispan] (ServerService
Thread Pool -- 63) WFLYCLINF0002: Started sessions cache from keycloak
container
16:17:08,494 INFO [org.jboss.as.clustering.infinispan] (ServerService
Thread Pool -- 62) WFLYCLINF0002: Started users cache from keycloak
container
16:17:09,206 INFO [org.keycloak.services] (ServerService Thread Pool --
66) KC-SERVICES0001: Loading config from
/home/ubuntu/keycloak/keycloak-2.1.0.Final/standalone/configuration/keycloak-server.json
16:17:09,477 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool
-- 66) MSC000001: Failed to start service
jboss.undertow.deployment.default-server.default-host./auth:
org.jboss.msc.service.StartException in service
jboss.undertow.deployment.default-server.default-host./auth:
java.lang.RuntimeException: RESTEASY003325: Failed to construct public
org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at
org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
at org.jboss.threads.JBossThread.run(JBossThread.java:320)
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct
public
org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at
org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162)
at
org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209)
at
org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299)
at
org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240)
at
org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113)
at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
at
io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at
org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
at
io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at
io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231)
at
io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132)
at
io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526)
at
org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101)
at
org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82)
... 6 more
Caused by: java.lang.RuntimeException: Failed to find provider infinispan
for realmCache
at
org.keycloak.services.DefaultKeycloakSessionFactory.loadSPIs(DefaultKeycloakSessionFactory.java:96)
at
org.keycloak.services.DefaultKeycloakSessionFactory.init(DefaultKeycloakSessionFactory.java:75)
at
org.keycloak.services.resources.KeycloakApplication.createSessionFactory(KeycloakApplication.java:244)
at
org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:78)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at
org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
... 19 more
16:17:09,482 ERROR [org.jboss.as.controller.management-operation]
(Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address:
([("deployment" => "keycloak-server.war")]) - failure description:
{"WFLYCTL0080: Failed services" =>
{"jboss.undertow.deployment.default-server.default-host./auth" =>
"org.jboss.msc.service.StartException in service
jboss.undertow.deployment.default-server.default-host./auth:
java.lang.RuntimeException: RESTEASY003325: Failed to construct public
org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to
construct public
org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
Caused by: java.lang.RuntimeException: Failed to find provider
infinispan for realmCache"}}
16:17:09,543 INFO [org.jboss.as.server] (ServerService Thread Pool -- 61)
WFLYSRV0010: Deployed "keycloak-server.war" (runtime-name :
"keycloak-server.war")
16:17:09,545 INFO [org.jboss.as.controller] (Controller Boot Thread)
WFLYCTL0183: Service status report
WFLYCTL0186: Services which failed to start: service
jboss.undertow.deployment.default-server.default-host./auth:
org.jboss.msc.service.StartException in service
jboss.undertow.deployment.default-server.default-host./auth:
java.lang.RuntimeException: RESTEASY003325: Failed to construct public
org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
16:17:09,750 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060:
Http management interface listening on http://127.0.0.1:9990/management
16:17:09,751 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0051:
Admin console listening on http://127.0.0.1:9990
16:17:09,753 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026:
Keycloak 2.1.0.Final (WildFly Core 2.0.10.Final) started (with errors) in
10846ms - Started 475 of 853 services (2 services failed or missing
dependencies, 588 services are lazy, passive or on-demand)
--
Thanks,
Aman Jaiswal
8 years, 3 months
Configuring KC adapter through ENV/programmatically
by cen
Hi
We have a Java REST microservice which is configured as a whole through
environment variables and deployed in Docker.
We can't provide production keycloak.json at Docker build time because
then it becomes a specific container for a specific deployment. We want
to keep the container unconfigured and neutral, ready to be deployed
with any Keycloak server.
At the moment we have an additional step in production deployment that
copies the correct keycloak.json into a running Docker container and
restarts it.
Ideally though, we would like to provide keycloak.json through an
environment variable or load it dynamically from etcd/zookeeper/similar.
Is it possible to somehow configure the Keycloak adapter at runtime?
Best regards, cen
8 years, 3 months
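One way to keep the image neutral, as described in the post above (an added example, not part of the original thread and not Keycloak project code): a container entrypoint helper that renders keycloak.json from environment variables at start-up. The KC_* variable names and the paths in the usage comment are assumptions; the JSON keys are the adapter's standard keycloak.json fields.

```shell
#!/bin/sh
# Added example: render keycloak.json from environment variables at start-up.
# KC_REALM, KC_AUTH_SERVER_URL, KC_RESOURCE and KC_SECRET are assumed names
# chosen for this sketch; the Keycloak adapter does not read them itself.

# Reject values that would need JSON escaping, so a stray quote, backslash or
# newline in a variable cannot break or extend the generated document.
json_safe() {
    case "$1" in
        *'"'*|*'\'*) return 1 ;;
    esac
    # Any control character (newline, tab, ...) also fails the check.
    [ "$(printf '%s' "$1" | tr -d '[:cntrl:]')" = "$1" ]
}

# render_keycloak_json <output-path>
# Returns 2 if a variable is missing, 3 if a value is unsafe, 4 on write error.
render_keycloak_json() {
    out=$1
    for name in KC_REALM KC_AUTH_SERVER_URL KC_RESOURCE KC_SECRET; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "missing required variable: $name" >&2
            return 2
        fi
        if ! json_safe "$value"; then
            echo "unsafe characters in $name" >&2
            return 3
        fi
    done
    # The file holds the client secret: create it owner-readable only, and
    # write to a temporary name first so a partial file is never picked up.
    tmp="$out.tmp.$$"
    ( umask 077
      cat > "$tmp" <<EOF
{
  "realm": "$KC_REALM",
  "auth-server-url": "$KC_AUTH_SERVER_URL",
  "ssl-required": "external",
  "resource": "$KC_RESOURCE",
  "credentials": { "secret": "$KC_SECRET" }
}
EOF
    ) || return 4
    mv "$tmp" "$out"
}

# Entrypoint usage (paths are placeholders):
#   render_keycloak_json /app/WEB-INF/keycloak.json || exit 1
#   unset KC_SECRET            # keep the secret out of the service's environment
#   exec java -jar /app/service.jar
```

The same image can then be started against any Keycloak server by changing only the variables passed to the container.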
Keycloak user credentials clean up
by Francisco Montada
Hi Team
We are facing a problem with user credentials being cleaned up. There are
two use cases, and they are consistent:
1. From the Keycloak Web Console, sometimes if I remove more than one role
at the same time, the credential clean up happens.
2. After redeploying the server, the credentials for some users are being
cleaned up.
This is how the user credentials look after the clean up:
"credentials" : [
{
"value" : "ZTA3VTu2d7X6Cl/iSWKjGBGb5bJUFBto1EiOs8AjLj5rIKkMo2Wzymgm8rdPP27LMBBovNw8nxpDvcp4tniCqw=="
}
],
The problem is that after that Keycloak cannot do anything with that user,
because the server starts getting a NullPointerException:
03:36:36,031 ERROR [io.undertow.request] (default task-5) UT005023:
Exception handling request to /auth/admin/realms/opencarwash/users/09c74660-
902c-441b-8892-f7dd560a7b83/reset-password:
org.jboss.resteasy.spi.UnhandledException:
java.lang.NullPointerException
at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(
ExceptionHandler.java:76)
at org.jboss.resteasy.core.ExceptionHandler.handleException(
ExceptionHandler.java:212)
at org.jboss.resteasy.core.SynchronousDispatcher.writeException(
SynchronousDispatcher.java:168)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(
SynchronousDispatcher.java:411)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(
SynchronousDispatcher.java:202)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.
service(ServletContainerDispatcher.java:221)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(
HttpServletDispatcher.java:56)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(
HttpServletDispatcher.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(
ServletHandler.java:85)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.
doFilter(FilterHandler.java:129)
at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(
KeycloakSessionServletFilter.java:90)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
And on the login page the user sees this:
"Unexpected error when handling authentication request to identity
provider."
Could you please help us?
Thanks
8 years, 3 months
session inactivity; ignoring auto refresh requests
by sheishere b
We have Node.js integrated with Keycloak, and Keycloak is running as a service
in JBoss.
There are many HTTP requests being sent from the browser to the server in the
background as part of the auto refresh of some tables.
So if a user has opened the browser and remains inactive, many requests are
still made in the background. Keycloak will never detect inactivity, and hence
the session will never be invalidated after the session inactivity timeout.
Is there a way in Keycloak to ignore such background requests so that they are
not considered for session-alive scenarios?
8 years, 3 months
OpenID Connect Clients and Roles
by Andy Stebbing
Hi,
I'm fairly new to OpenID Connect and Keycloak (using version 2.2.0-CR1 and RedHat SSO v7), I've managed to get a client working with a realm within Keycloak. I've configured the client in the realm using a shared key and have configured my remote client accordingly. It works fine for authentication and I'm getting the standard claims back. But I don't know how to get the roles associated with the user to come through. I can see in the endpoint OpenID connect configuration on the server that the following claims are supported:
"claim_types_supported": [
"normal"
],
"claims_parameter_supported": false,
"claims_supported": [
"sub",
"iss",
"auth_time",
"name",
"given_name",
"family_name",
"preferred_username",
"email"
]
Does this mean that it's not possible to get the roles from the userinfo call? Or if it is possible, how do I configure it to be supported?
Any help is very much appreciated!
Thanks
andy
8 years, 3 months