7:04 a.m.
Hi Edgar,
I was trying to reproduce, but wasn't able. The expected format to
invoke this endpoint should be
/auth/admin/realms/our-custom-realm/attack-detection/brute-force/users
/{userId} so I understand why it fails. But I am not seeing anything in
admin console UI, which invokes it from this format.
Feel free to create JIRA if you find steps to reproduce it from clean KC.
Marek
On 07/09/16 13:33, Edgar Vonk - Info.nl wrote:
Hi Marek,
It’s the brute force detection REST endpoint that is causing the issue.
/auth/admin/realms/our-custom-realm/attack-detection/brute-force/users?username=edgar(a)info.nl
gives a: “Failed to load resource: the server responded with a status of 405 (Method Not
Allowed)"
> On 07 Sep 2016, at 12:27, Edgar Vonk - Info.nl <Edgar(a)info.nl> wrote:
>
> Hi Marek,
>
> Thanks for the quick reply. Sorry, forgot to mention that: I did also add the
view-users role. However the issue remains unfortunately.
>
> Will try to find the endpoint in question and report back!
>
> cheers
>
>> On 07 Sep 2016, at 11:24, Marek Posolda <mposolda(a)redhat.com> wrote:
>>
>> I guess you need to add "view-users" role as well?
>>
>> For tracking, you can try to enable FF plugin like Firebug (or similar in Chrome)
and see what REST endpoint exactly returns 405 and what role it requires.
>>
>> Marek
>>
>> On 07/09/16 10:55, Edgar Vonk - Info.nl wrote:
>>> Using a specific user admin account that is part of our Keycloak customers
realm (not the master realm) with permissions to edit users only (manage-users
realm-management role) whenever I click on a user in the Keycloak admin interface (Manage
- Users) I get a "Error! An unexpected server error has occurred” with the stacktrace
below in the logs. All actions do seem to work properly however. It also happens when I
create a user, but also there the user is created just fine it seems.
>>>
>>> I am guessing it is a permission issue on some REST endpoint in the admin
interface or something?
>>>
>>>
>>> [0m[31m08:14:06,715 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (default
task-40) RESTEASY002010: Failed to execute: javax.ws.rs.NotAllowedException:
RESTEASY003650: No resource method found for GET, return 405 with Allow header
>>> at org.jboss.resteasy.core.registry.SegmentNode.match(SegmentNode.java:377)
>>> at org.jboss.resteasy.core.registry.SegmentNode.match(SegmentNode.java:116)
>>> at org.jboss.resteasy.core.registry.RootNode.match(RootNode.java:43)
>>> at
org.jboss.resteasy.core.LocatorRegistry.getResourceInvoker(LocatorRegistry.java:79)
>>> at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:129)
>>> at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)
>>> at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)
>>> at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)
>>> at
org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)
>>> at
org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)
>>> at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)
>>> at
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)
>>> at
org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)
>>> at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
>>> at
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>>> at
io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
>>> at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
>>> at
org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90)
>>> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>> at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
>>> at
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
>>> at
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
>>> at
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
>>> at
org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
>>> at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> at
io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
>>> at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
>>> at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
>>> at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
>>> at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
>>> at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
>>> at
io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
>>> at
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
>>> at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
>>> at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
>>> at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
>>> at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
>>> at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
>>> at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
>>> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
>>> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
>>> at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>> at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>> at java.lang.Thread.run(Thread.java:745)
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user