RHSSO 7.1 missing "login with email" toggle for realm configuration
by Geadah, Nicolas (VEC)
KeyCloak 2.5.0 added the ability to control whether users should be able to log in with their email address, and the ability to support duplicate email addresses.
We need these features and I was expecting to see them in RHSSO 7.1 (considering it is derived from Keycloak 2.5.5)
Unfortunately, I noticed that these features are not in the administrative console when configuring my realm. It seems to boil down to missing
7 years, 4 months
NoSuchMethodError: org.keycloak.models.KeycloakSession.userCache()
by Geadah, Nicolas (VEC)
Running the "authenticator" example provider in RedHat SSO 7.1. The provider (Secret Question) comes up in the admin console, and I'm able to make it a required action as part of the registration flow.
When going through the registration process in the browser, the security question page is rendered (security-question-config.ftl) but submitting the security answer leads to the exception below:
org.jboss.resteasy.spi.UnhandledException: java.lang.NoSuchMethodError: org.keycloak.models.KeycloakSession.userCache()Lorg/keycloak/models/cache/UserCache;
Any thoughts on how to resolve?
7 years, 4 months
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage No login page was defined for FORM authentication in context
by Kevin Cuijpers
I have tried to use the same setup with Tomcat 7.0.65 with the SAML 2.0 Client Adapter for Tomcat 7 and there the example works. I am able to log in and see my account settings as expected so it is indeed related to Tomcat 8.
When I look at the source of the SAML 2.0 Client Adapter for Tomcat 8 I see:
public class KeycloakAuthenticatorValve extends AbstractKeycloakAuthenticatorValve {
    /**
     * Method called by Tomcat < 8.5.5
     */
    public boolean authenticate(Request request, HttpServletResponse response) throws IOException {
        return authenticateInternal(request, response, request.getContext().getLoginConfig());
    }

    /**
     * Method called by Tomcat >= 8.5.5
     */
    protected boolean doAuthenticate(Request request, HttpServletResponse response) throws IOException {
        return this.authenticate(request, response);
    }
So the fix mentioned in https://issues.jboss.org/browse/KEYCLOAK-3669?attachmentViewMode=list is in it, but it is not solving the problem.
Can anyone please help?
Kevin
From: Kevin Cuijpers
Sent: Monday, July 24, 2017 4:19 PM
To: 'keycloak-user(a)lists.jboss.org' <keycloak-user(a)lists.jboss.org>
Subject: org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage No login page was defined for FORM authentication in context
Hello,
I am trying to use the SAML 2.0 Client Adapter for Tomcat 8.5.8. I downloaded keycloak-saml-tomcat8-adapter-dist-3.2.1.Final and installed it in the lib folder of Tomcat.
I followed the instructions from app-profile-saml-jee-jsp quickstart to set up the Client.
I added the following context.xml:
<Context path="app">
    <WatchedResource>WEB-INF/web.xml</WatchedResource>
    <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
    <!-- Required for KeyCloak -->
    <Valve className="org.keycloak.adapters.saml.tomcat.SamlAuthenticatorValve"/>
</Context>
I copied the files from app-profile-saml-jee-jsp quickstart into a separate project (see attached demo.zip) to make the war.
Tomcat starts up correctly and I see the Please login page when I go to http://localhost:8080/app/
When I click on LOGIN I get a 500 error page and the following error:
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage No login page was defined for FORM authentication in context [/app]
I found an old mailing with a similar problem:
http://lists.jboss.org/pipermail/keycloak-user/2016-November/008380.html
pointing to an issue that should have been solved:
https://issues.jboss.org/browse/KEYCLOAK-3669?attachmentViewMode=list
It is unclear what I need to do to make this simple example work or what needs to be changed to the adapter.
Please help.
Kevin Cuijpers
7 years, 4 months
Hitting error -- "Didn't find publicKey for specified kid"
by Rajesh Ghosh
Hi,
I am trying to secure my REST services using the method described in the
document --
http://blog.keycloak.org/2015/10/getting-started-with-keycloak-securing.html
I am securing my war using the JBoss subsystem, instead of the per-war option. The
relevant sections from my standalone.xml are posted below.
<extensions>
    ......
    <extension module="org.keycloak.keycloak-adapter-subsystem"/>
</extensions>

<security-domains>
    .....
    <security-domain name="keycloak">
        <authentication>
            <login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"/>
        </authentication>
    </security-domain>
</security-domains>

<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
    <secure-deployment name="my war file.war">
        <realm>bkofc</realm>
        <resource>bkofc-svc</resource>
        <use-resource-role-mappings>true</use-resource-role-mappings>
        <bearer-only>true</bearer-only>
        <auth-server-url>http://192.168.99.100/30001/auth</auth-server-url>
        <ssl-required>none</ssl-required>
        <credential name="secret">9bcc6d9f-9c72-4b58-b297-79f0f207d9e1</credential>
    </secure-deployment>
</subsystem>
I am able to obtain the access token.
curl -i --data \
  "grant_type=password&client_id=bkofc-web&username=user&password=password" \
  http://192.168.99.100:30001/auth/realms/bkofc/protocol/openid-connect/token
Note: I have created 2 clients -- i) bkofc-svc, which is bearer only, for
my REST services ii) bkofc-web, a public client to simulate UI login
However when I try to use the access token to invoke a service, I am
getting the error -
Status: 401
WWW-Authenticate Bearer realm="bkofc", error="invalid_token",
error_description="Didn't find publicKey for specified kid"
Please let me know if I am missing something here. I have been breaking my
head for the last few days without any luck! I have also tried rotating the realm
keys.
Thanks,
Rajesh
7 years, 4 months
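A check that can be run when a bearer-only adapter returns this error, added here as an example; it is not part of the original post and not Keycloak's own code. It assumes the adapter derives the realm URL from auth-server-url and looks the signing key up by kid in the realm's published key set; the function names, token and JWKS are constructed, while the URLs, realm and client id are the ones quoted in the post.

```python
import base64
import json

def _b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def _b64url_encode(obj):
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def read_unverified(token):
    """Decode JWT header and claims for inspection only (no signature check)."""
    header_b64, claims_b64, _signature = token.split(".")
    return json.loads(_b64url_decode(header_b64)), json.loads(_b64url_decode(claims_b64))

def diagnose_kid_lookup(token, jwks, auth_server_url, realm):
    """Return findings explaining why a key lookup by kid could fail."""
    header, claims = read_unverified(token)
    findings = []
    # Assumption: the adapter builds the realm URL as <auth-server-url>/realms/<realm>
    # and downloads the realm's key set from below that URL.
    realm_url = auth_server_url.strip().rstrip("/") + "/realms/" + realm
    if claims.get("iss") != realm_url:
        findings.append("realm-url-mismatch: token iss=%s, config gives %s"
                        % (claims.get("iss"), realm_url))
    published = [key.get("kid") for key in jwks.get("keys", [])]
    if header.get("kid") not in published:
        findings.append("kid-not-published: token kid=%s, JWKS has %s"
                        % (header.get("kid"), published))
    return findings

# Constructed sample data; URLs, realm and client id are those quoted in the post.
SAMPLE_TOKEN = ".".join([
    _b64url_encode({"alg": "RS256", "typ": "JWT", "kid": "constructed-kid-A"}),
    _b64url_encode({"iss": "http://192.168.99.100:30001/auth/realms/bkofc",
                    "azp": "bkofc-web"}),
    "constructed-signature",
])
SAMPLE_JWKS = {"keys": [{"kid": "constructed-kid-B", "kty": "RSA", "use": "sig"}]}
CONFIGURED_URL = "http://192.168.99.100/30001/auth"  # auth-server-url as posted

if __name__ == "__main__":
    for finding in diagnose_kid_lookup(SAMPLE_TOKEN, SAMPLE_JWKS, CONFIGURED_URL, "bkofc"):
        print(finding)
```

An empty result means the token's issuer matches the configured realm URL and its kid is among the published keys, so the cause lies elsewhere.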
Custom FormAction - NoClassDefFoundError org/keycloak/services/validation/Validation
by Geadah, Nicolas (VEC)
I built a custom FormAction/FormActionFactory to provide additional behavior in the registration flow. I'm able to build the JAR, deployment to JBoss works, and the action shows up in the "add execution" in the admin console.
Now when going through the registration process, the FormAction is definitely triggered but an immediate error is thrown:
org.jboss.resteasy.spi.UnhandledException: java.lang.NoClassDefFoundError: org/keycloak/services/validation/Validation
Seems like something missing in my jboss-deployment-structure.xml file? Here is the file as it stands currently - what do I need to add for the necessary module to be loaded? This is in RHSSO 7.1.
<?xml version="1.0" encoding="UTF-8"?>
<jboss-deployment-structure>
    <deployment>
        <dependencies>
            <module name="org.keycloak.keycloak-server-spi-private" />
        </dependencies>
    </deployment>
</jboss-deployment-structure>
7 years, 4 months
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage No login page was defined for FORM authentication in context
by Kevin Cuijpers
Hello,
I am trying to use the SAML 2.0 Client Adapter for Tomcat 8.5.8. I downloaded keycloak-saml-tomcat8-adapter-dist-3.2.1.Final and installed it in the lib folder of Tomcat.
I followed the instructions from app-profile-saml-jee-jsp quickstart to set up the Client.
I added the following context.xml:
<Context path="app">
    <WatchedResource>WEB-INF/web.xml</WatchedResource>
    <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
    <!-- Required for KeyCloak -->
    <Valve className="org.keycloak.adapters.saml.tomcat.SamlAuthenticatorValve"/>
</Context>
I copied the files from app-profile-saml-jee-jsp quickstart into a separate project (see attached demo.zip) to make the war.
Tomcat starts up correctly and I see the Please login page when I go to http://localhost:8080/app/
When I click on LOGIN I get a 500 error page and the following error:
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage No login page was defined for FORM authentication in context [/app]
I found an old mailing with a similar problem:
http://lists.jboss.org/pipermail/keycloak-user/2016-November/008380.html
pointing to an issue that should have been solved:
https://issues.jboss.org/browse/KEYCLOAK-3669?attachmentViewMode=list
It is unclear what I need to do to make this simple example work or what needs to be changed to the adapter.
Please help.
Kevin Cuijpers
7 years, 4 months
Keycloak won't allow me to select my theme from drop-down list
by Kamil Kapturkiewicz
Hi,
I am trying to upgrade Keycloak step by step from the very old 1.4.0 version
to the latest one. However, between version 1.8 and 1.9.8 the default themes
folder has been changed, and since then I can't see my theme on the
drop-down list in Realms Settings -> Themes -> Email / Login. What I can
see in the log is:
10:39:14,181 ERROR [org.keycloak.theme.ExtendingThemeManager] (default task-14) Failed to find LOGIN theme my_theme, using built-in themes
10:39:14,745 ERROR [org.keycloak.theme.ExtendingThemeManager] (default task-16) Failed to find LOGIN theme my_theme, using built-in themes
which means it can see it but won't allow me to use it for some reason.
I also tried to clear the cache, but with no luck. My theme.properties:
parent=base
import=common/keycloak
styles=css/login.css
meta=viewport==width=device-width,initial-scale=1
kcFormGroupClass=ck-form-group-class
kcFormOptionsWrapperClass=ck-form-options-wrapper-class
I went through the Keycloak directory structure but found nothing related to
themes.
brgds,
7 years, 4 months