About standalone-ha.xml
by Aman Jaiswal
Hi
Can you please tell me what changes are required in the standalone.xml
or standalone-ha.xml file and what that means? Is there any
documentation for that so I can better understand it?
--
Thanks,
Aman Jaiswal
8 years, 3 months
Fwd: Re: bearer token payload
by Uli SE
Sorry, not sent to list.
Yes, but the mappers are gone, if I chose bearer-only as Access Type.
Any other hint?
Cheers,
Uli
On 10.09.2016 at 13:30, Bill Burke wrote:
>
> Yes. See mappers under your client in the admin console.
>
>
> On 9/10/16 7:28 AM, Uli SE wrote:
>>
>> Hi,
>>
>> Can I add fields from keycloak profile to the bearer token to get
>> them in a Wildfly-based webservice?
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
8 years, 3 months
Webpage reloading twice
by Eric Matte
Hi,
We are using the Javascript Adapter from Keycloak for our client authentication.
However, when accessing a webpage, we receive the information twice.
Here are the request logs received from the client to the server:
127.0.0.1 - - [13/Sep/2016 10:23:10] "GET /f/services HTTP/1.1" 200 -
127.0.0.1 - - [13/Sep/2016 10:23:10] "GET /f/services?prompt=none HTTP/1.1" 200 -
The client is calling a second GET request for a reason that I don't know. Can you explain?
Thank you
8 years, 3 months
IP Address based default user
by Jess Sightler
Is there a builtin authenticator that can provide a default user account
based upon some criteria? For example, could we provide a default user
if the client is connecting to localhost?
8 years, 3 months
Property 'databaseSchema' needs to be specified in the configuration
by Francisco Montada
Hi Dean
we are running Keycloak 2.1.0-Final version using mongo DB but it is not
working, we are getting the error below
ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default
task-3) Failed to make identity provider oauth callback:
java.lang.RuntimeException: Property 'databaseSchema' needs to be specified
in the configuration
we have the correct configuration listed on the documentation, but it is
not working
https://keycloak.gitbooks.io/server-installation-and-configuration/content/v/2.1/topics/mongo.html
We also see that another person got the same error,
http://lists.jboss.org/pipermail/keycloak-user/2016-May/006007.html
This is our keycloak-server.json configuration
{
    "providers": [
        "classpath:${jboss.home.dir}/providers/*"
    ],
    "admin": {
        "realm": "master"
    },
    "eventsStore": {
        "provider": "mongo",
        "mongo": {
            "exclude-events": [ "REFRESH_TOKEN" ]
        }
    },
    "realm": {
        "provider": "mongo"
    },
    "user": {
        "provider": "mongo"
    },
    "userCache": {
        "default" : {
            "enabled": true
        }
    },
    "userSessionPersister": {
        "provider": "mongo"
    },
    "authorizationPersister": {
        "provider": "mongo"
    },
    "timer": {
        "provider": "basic"
    },
    "theme": {
        "staticMaxAge": 2592000,
        "cacheTemplates": true,
        "cacheThemes": true,
        "folder": {
            "dir": "${jboss.home.dir}/themes"
        }
    },
    "scheduled": {
        "interval": 900
    },
    "connectionsHttpClient": {
        "default": {}
    },
    "connectionsMongo": {
        "default": {
            "host": "10.0.22.56",
            "port": "27017",
            "db": "ondbook",
            "user": "appUser",
            "password" : "password",
            "connectionsPerHost": 100,
            "databaseSchema": "update",
            "schema": "2.1.0.Final"
        }
    },
    "realmCache": {
        "default" : {
            "enabled": true
        }
    },
    "connectionsInfinispan": {
        "provider": "default",
        "default": {
            "cacheContainer" : "java:comp/env/infinispan/Keycloak"
        }
    }
}
Another problem is that we do not know why the logs are showing a JPA connection
when we configure Mongo
Caused by: java.lang.RuntimeException: Property 'databaseSchema' needs to be specified in the configuration
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:132)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:62)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:50)
Could you help us?
Thanks
8 years, 3 months
Error in parsing
by Aman Jaiswal
Hi
I am getting the following error while starting a server
ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:131)
at org.jboss.as.server.ServerService.boot(ServerService.java:356)
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:299)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[133,5]
Message: Unexpected element '{urn:jboss:domain:batch:1.0}subsystem'
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:108)
at org.jboss.staxmapper.XMLExtendedStreamReaderImpl.handleAny(XMLExtendedStreamReaderImpl.java:69)
at org.jboss.as.server.parsing.StandaloneXml_4.parseServerProfile(StandaloneXml_4.java:546)
at org.jboss.as.server.parsing.StandaloneXml_4.readServerElement(StandaloneXml_4.java:242)
at org.jboss.as.server.parsing.StandaloneXml_4.readElement(StandaloneXml_4.java:141)
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:103)
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:49)
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110)
at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:69)
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:123)
... 3 more
--
Thanks,
Aman Jaiswal
8 years, 3 months
"Error! An unexpected server error has occurred" in Keycloak admin interface when retrieving a user
by Edgar Vonk - Info.nl
Using a specific user admin account that is part of our Keycloak customers realm (not the master realm) with permissions to edit users only (manage-users realm-management role), whenever I click on a user in the Keycloak admin interface (Manage - Users) I get an "Error! An unexpected server error has occurred" with the stacktrace below in the logs. All actions do seem to work properly however. It also happens when I create a user, but also there the user is created just fine it seems.
I am guessing it is a permission issue on some REST endpoint in the admin interface or something?
08:14:06,715 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-40) RESTEASY002010: Failed to execute: javax.ws.rs.NotAllowedException: RESTEASY003650: No resource method found for GET, return 405 with Allow header
at org.jboss.resteasy.core.registry.SegmentNode.match(SegmentNode.java:377)
at org.jboss.resteasy.core.registry.SegmentNode.match(SegmentNode.java:116)
at org.jboss.resteasy.core.registry.RootNode.match(RootNode.java:43)
at org.jboss.resteasy.core.LocatorRegistry.getResourceInvoker(LocatorRegistry.java:79)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:129)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
8 years, 3 months
Current event not START_ELEMENT error in keycloak-2.1.0.Final
by Aman Jaiswal
Hi
I am trying to run keycloak-2.1.0.Final and getting the following error. Please
help me to solve this...
/home/ubuntu/keycloak/keycloak-2.1.0.Final/bin/standalone.sh --debug
--server-config=standalone-ha.xml -b=$ip -Djava.net.preferIPv4Stack=true
-Djboss.default.jgroups.stack=s3 -Djgroups.s3.bucket=keycloak-dev
-Djgroups.s3.access_key=AKIAJLZZOFCWT37CYAXQ
-Djgroups.s3.secret_access_key=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
-Djgroups.management.address=$ip
=========================================================================
JBoss Bootstrap Environment
JBOSS_HOME: /home/ubuntu/keycloak/keycloak-2.1.0.Final
JAVA: java
JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M
-XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true
-Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
-agentlib:jdwp=transport=dt_socket,address=8787,server=y,suspend=n
=========================================================================
Listening for transport dt_socket at address: 8787
09:33:56,270 INFO [org.jboss.modules] (main) JBoss Modules version 1.5.1.Final
09:33:56,530 INFO [org.jboss.msc] (main) JBoss MSC version 1.2.6.Final
09:33:56,626 INFO [org.jboss.as] (MSC service thread 1-4) WFLYSRV0049: Keycloak 2.1.0.Final (WildFly Core 2.0.10.Final) starting
09:33:57,251 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:131)
at org.jboss.as.server.ServerService.boot(ServerService.java:356)
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:299)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Current event not START_ELEMENT
at com.ctc.wstx.sr.BasicStreamReader.getAttributeValue(BasicStreamReader.java:625)
at org.jboss.staxmapper.XMLExtendedStreamReaderImpl.getAttributeValue(XMLExtendedStreamReaderImpl.java:240)
at org.jboss.as.controller.parsing.ParseUtils.invalidAttributeValue(ParseUtils.java:150)
at org.jboss.as.controller.parsing.ExtensionXml.parseExtensions(ExtensionXml.java:119)
at org.jboss.as.server.parsing.StandaloneXml$DefaultExtensionHandler.parseExtensions(StandaloneXml.java:126)
at org.jboss.as.server.parsing.StandaloneXml_4.readServerElement(StandaloneXml_4.java:218)
at org.jboss.as.server.parsing.StandaloneXml_4.readElement(StandaloneXml_4.java:141)
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:103)
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:49)
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110)
at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:69)
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:123)
... 3 more
09:33:57,253 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
09:33:57,302 INFO [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server shutdown has been requested.
09:33:57,336 INFO [org.jboss.as] (MSC service thread 1-2) WFLYSRV0050: Keycloak 2.1.0.Final (WildFly Core 2.0.10.Final) stopped in 12ms
ubuntu@ip-10-1-6-128:~$ emacs keycloak/keycloak-2.1.0.Final/standalone/configuration/standalone-ha.xml
ubuntu@ip-10-1-6-128:~$
--
Thanks,
Aman Jaiswal
8 years, 3 months
Property 'databaseSchema' needs to be specified in the configuration
by Francisco Montada
Hi team
we are running Keycloak 2.1.0-Final version using mongo DB but it is not
working, we are getting the error below
ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default
task-3) Failed to make identity provider oauth callback:
java.lang.RuntimeException: Property 'databaseSchema' needs to be specified
in the configuration
we have the correct configuration listed on the documentation, but it is
not working
https://keycloak.gitbooks.io/server-installation-and-configuration/conten...
We also see that another person got the same error,
http://lists.jboss.org/pipermail/keycloak-user/2016-May/006007.html
This is our keycloak-server.json configuration
{
    "providers": [
        "classpath:${jboss.home.dir}/providers/*"
    ],
    "admin": {
        "realm": "master"
    },
    "eventsStore": {
        "provider": "mongo",
        "mongo": {
            "exclude-events": [ "REFRESH_TOKEN" ]
        }
    },
    "realm": {
        "provider": "mongo"
    },
    "user": {
        "provider": "mongo"
    },
    "userCache": {
        "default" : {
            "enabled": true
        }
    },
    "userSessionPersister": {
        "provider": "mongo"
    },
    "authorizationPersister": {
        "provider": "mongo"
    },
    "timer": {
        "provider": "basic"
    },
    "theme": {
        "staticMaxAge": 2592000,
        "cacheTemplates": true,
        "cacheThemes": true,
        "folder": {
            "dir": "${jboss.home.dir}/themes"
        }
    },
    "scheduled": {
        "interval": 900
    },
    "connectionsHttpClient": {
        "default": {}
    },
    "connectionsMongo": {
        "default": {
            "host": "10.0.22.56",
            "port": "27017",
            "db": "ondbook",
            "user": "appUser",
            "password" : "password",
            "connectionsPerHost": 100,
            "databaseSchema": "update",
            "schema": "2.1.0.Final"
        }
    },
    "realmCache": {
        "default" : {
            "enabled": true
        }
    },
    "connectionsInfinispan": {
        "provider": "default",
        "default": {
            "cacheContainer" : "java:comp/env/infinispan/Keycloak"
        }
    }
}
Another problem is that we do not know why the logs are showing a JPA connection
when we configure Mongo
Caused by: java.lang.RuntimeException: Property 'databaseSchema' needs to be specified in the configuration
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:132)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:62)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:50)
Could someone help us?
Thanks
Francisco
8 years, 3 months
Cannot get SPNEGO authentication working
by Timothy I. McGinnis
Hello,
I am trying to set up SPNEGO authentication through Keycloak. I have installed Keycloak on a windows server, configured a client as shown below and set up the realm in jboss. But I consistently receive the error message GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag). I am using IE 11, and the url for the web app is https://gig-jboss-dev.ajga.com:8443/CBN
[Attached image: image001.png]
JBoss web app configuration in standalone.xml
======================================================
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
    <secure-deployment name="cbn-war-17.0.0.16-SNAPSHOT.war">
        <realm>master</realm>
        <resource>CBN</resource>
        <public-client>true</public-client>
        <realm-public-key>(key from keycloak)</realm-public-key>
        <auth-server-url>http://gig-msnet-dev.ajga.com:8080/auth</auth-server-url>
        <ssl-required>EXTERNAL</ssl-required>
    </secure-deployment>
</subsystem>
Log file from keycloak server
========================================================
2016-09-13 10:47:31,792 INFO [stdout] (default task-19) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator false KeyTab is c:\temp\keycloak.keytab refreshKrb5Config is false principal is HTTP/gig-msnet-dev.ajga.com(a)AJGA.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
2016-09-13 10:47:31,792 INFO [stdout] (default task-19) principal is HTTP/gig-msnet-dev.ajga.com(a)AJGA.COM
2016-09-13 10:47:31,792 INFO [stdout] (default task-19) Will use keytab
2016-09-13 10:47:31,807 INFO [stdout] (default task-19) Commit Succeeded
2016-09-13 10:47:31,807 INFO [stdout] (default task-19)
2016-09-13 10:47:31,807 WARN [org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator] (default task-19) SPNEGO login failed: java.security.PrivilegedActionException: GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator.authenticate(SPNEGOAuthenticator.java:70)
at org.keycloak.federation.kerberos.KerberosFederationProvider.validCredentials(KerberosFederationProvider.java:209)
at org.keycloak.models.UserFederationManager.validCredentials(UserFederationManager.java:549)
at org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator.authenticate(SpnegoAuthenticator.java:89)
at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:183)
at org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:792)
at org.keycloak.authentication.AuthenticationProcessor.authenticate(AuthenticationProcessor.java:667)
at org.keycloak.protocol.AuthorizationEndpointBase.handleBrowserAuthenticationRequest(AuthorizationEndpointBase.java:139)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildAuthorizationCodeAuthorizationResponse(AuthorizationEndpoint.java:341)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.build(AuthorizationEndpoint.java:160)
at sun.reflect.GeneratedMethodAccessor360.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:88)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag)
at sun.security.jgss.GSSHeader.<init>(GSSHeader.java:97)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:306)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285)
at org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator.establishContext(SPNEGOAuthenticator.java:174)
at org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator$AcceptSecContext.run(SPNEGOAuthenticator.java:137)
at org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator$AcceptSecContext.run(SPNEGOAuthenticator.java:127)
... 60 more
2016-09-13 10:47:31,839 INFO [stdout] (default task-19) [Krb5LoginModule]: Entering logout
2016-09-13 10:47:31,839 INFO [stdout] (default task-19) [Krb5LoginModule]: logged out Subject
8 years, 3 months