SAML Response Retrieval using Jsoup for Keycloak
by Siddiq Syed
Hi,
I am trying to retrieve SAML Assertion by invoking the URL() to get the AWS temporary credentials.
I can do this successfully when trying to invoke it from the browser, but when I am trying to invoke it programmatically using Jsoup I am getting the below error.
"You took too long to login. Login process starting from beginning."
Here are the steps that I am following:
Invoking the URL http://testserver:8082/auth/realms/master/protocol/saml/clients/amazon-aws to get the cookies (AUTH_SESSION_ID, KC_RESTART) and get the URL
http://testserver:8090/auth/realms/master/login-actions/authenticate?sess...
Once I get this, I am invoking the login-action URL as shown below, passing the username, password and the cookie to the request.
http://vmdcstestlemswsapp1.dcs.ga.gov:8090/auth/realms/master/login-actio...
I am getting the error "You took too long to login. Login process starting from beginning."
The same steps work from the browser, but when getting it from Jsoup it is giving me the error.
Is there any setting that I am missing that I need to configure to retrieve the SAML Response?
-Siddiq.,
5 years, 7 months
Help for using Keycloak in Spring Boot
by Ali Ahmadzadeh Asl
Hi
First of all, excuse me for my poor English.
I am trying to use Keycloak in Spring Boot 2. I have read many articles about this matter, such as the following link:
https://www.keycloak.org/docs/2.5/securing_apps/topics/oidc/java/spring-b...
There was an issue that I can't resolve. The resource, policy and permissions defined in the admin panel for the client do not have any effect on my server. For example, I defined a resource for the URL pattern /rest/* and a policy for having ROLE_REST; I also defined a permission for mapping this resource and policy.
But after running the server, I can use rest services without any limitation and authentication.
Now the question is: How can I manage Spring Boot application security and permissions from Keycloak admin panel?
Thank you
5 years, 7 months
Keycloak, SpringBoot, and Swagger-UI
by Ali Ahmadzadeh Asl
Hi Dears
I have a Spring Boot project which uses Swagger-UI library for describing and testing REST services. Everything was ok until I added Keycloak library and settings to my project. The Keycloak settings are:
keycloak.realm=my-realm
keycloak.resource=my-app
keycloak.ssl-required=external
keycloak.enable-basic-auth=true
keycloak.autodetect-bearer-only=true
keycloak.use-resource-role-mappings=true
keycloak.principal-attribute=preferred_username
keycloak.auth-server-url=http://localhost:8080/auth
keycloak.credentials.secret=f3776b88-2600-44fa-83ec-67cb72fa0000
keycloak.policy-enforcer-config.on-deny-redirect-to=/access-denied
keycloak.securityConstraints[0].authRoles[0] = USER
keycloak.securityConstraints[0].securityCollections[0].name = default
keycloak.securityConstraints[0].securityCollections[0].patterns[0] = /*
Now, when a logged-in user wants to see the Swagger-UI page using a URL like http://127.0.0.1:6060/swagger-ui.html, a message containing the text below and a text box is shown:
"Unable to infer base url. This is common when using dynamic servlet registration or when the API is behind an API Gateway. The base url is the root of where all the swagger resources are served. For e.g. if the api is available at http://example.org/api/v2/api-docs then the base url is http://example.org/api/. Please enter the location manually: "
But the JSON of services' definitions is accessible from http://127.0.0.1:6060/v2/api-docs address.
Can anybody help me to solve this problem? What is the reason for this matter? How can I resolve it?
Thanks
5 years, 7 months
Occasionally Bad Requests
by Nils Christian Ehmke
Hi,
We are having an issue with Keycloak in our application. The user
occasionally gets a "bad request" error. This can be easily forced by opening
multiple tabs to the application which load concurrently (so this might
be an issue with concurrent requests). If the error occurs, the browser
stops at a URL of the form .../sso/login?state=...
Some details about our application that might be important:
* We use the Spring Boot Keycloak adapter multiple times in the same JVM
as we start multiple embedded Tomcats.
* The error seems to occur only when using a link from one of these
embedded Tomcats to another.
* The application is behind an Apache which handles SSL and acts as a
(reverse) proxy.
Can you give us any hints and possible reasons? Or maybe a hint how to
approach the problem?
Thanks and best regards,
Nils
5 years, 7 months