10:02 a.m.
Hi Craig,
i'm not an expert, but here is what i did to set my execution value to
REQUIRED :
create a json with
{"id":[ID_OF_YOUR_EXECUTION],"requirement":"REQUIRED"}
put it in a file my_file.json
you can have the id of you execution using this command
./kcadm.sh get authentication/flows/[your_flow]/executions --format csv -r
$keycloak_new_realm --fields id | tr -d '\n'
and you can import the file using this command :
./kcadm.sh update authentication/flows/[your_flow]/executions -r
$keycloak_new_realm -f my_file.json
There is probably a better way but i didn't found it
hope it helps
Amaury
On Mon, Oct 15, 2018 at 1:07 PM <keycloak-user-request(a)lists.jboss.org>
wrote:
Send keycloak-user mailing list submissions to
keycloak-user(a)lists.jboss.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.jboss.org/mailman/listinfo/keycloak-user
or, via email, send a message with subject or body 'help' to
keycloak-user-request(a)lists.jboss.org
You can reach the person managing the list at
keycloak-user-owner(a)lists.jboss.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of keycloak-user digest..."
Today's Topics:
1. Setting authentication execution requirement via kcadm.sh?
(Craig Setera)
2. org.keycloak.broker.oidc.mappers.ClaimToRoleMapper does not
update user roles (Philippe Gauthier)
3. Re: Unrecognized field "authenticationFlowBindingOverrides"
(Fabio Ebner)
----------------------------------------------------------------------
Message: 1
Date: Mon, 15 Oct 2018 07:21:30 -0500
From: Craig Setera <craig(a)baseventure.com>
Subject: [keycloak-user] Setting authentication execution requirement
via kcadm.sh?
To: keycloak-user(a)lists.jboss.org
Message-ID:
<
CAPVdwjq1oyjCom4_A0TBJ8m3KBCgit5nOqMCGqKP4t2RU6zb5Q(a)mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
I'm trying to figure out if it is possible to set the "requirement" level
of an execution that is created for an authentication flow via the kcadm
tool. I have a shell script that I'm using to set up the Keycloak
configuration that looks like the following:
*echo "Creating new authentication flow..."AUTO_LINK_FLOW_ID=`${KCADM}
create authentication/flows --id -r ${REALM_NAME} -s
alias="FirstBrokerLoginAutoLink" -s providerId="basic-flow" -s
topLevel=true`*
*echo "Adding unique authenticator..."${KCADM} create
authentication/flows/FirstBrokerLoginAutoLink/executions/execution --id -r
${REALM_NAME} \ -s provider=idp-create-user-if-unique -s
requirement=ALTERNATIVE -s priority=10*
*echo "Adding auto link authenticator..."${KCADM} create
authentication/flows/FirstBrokerLoginAutoLink/executions/execution -r
${REALM_NAME} \ -s provider=idp-auto-link -s requirement=ALTERNATIVE -s
priority=20*
With this script, I'm seeing the flow and executions created, but the
requirement seems to be ignored. In this case, the executions are always
set to DISABLED. I've tried to follow that up with an update call that
looks like this:
*echo "Adding unique authenticator..."EXECUTION_ID=`${KCADM} create
authentication/flows/FirstBrokerLoginAutoLink/executions/execution --id -r
${REALM_NAME} \ -s provider=idp-create-user-if-unique -s
requirement=ALTERNATIVE -s priority=10`${KCADM} update
authentication/flows/FirstBrokerLoginAutoLink/executions -r ${REALM_NAME}
\ -s id=${EXECUTION_ID} -s requirement=ALTERNATIVE*
However, that is failing with the following error:
*HTTP request error: Can not deserialize instance of
com.fasterxml.jackson.databind.node.ObjectNode out of START_ARRAY tokenat
[Source: [B@527ee8a7; line: 1, column: 1]*
Can anyone offer any suggestions on how to get this authentication flow
properly configured so that the executions are set to ALTERNATIVE?
Thanks!
Craig
=================================
*Craig Setera*
*Chief Technology Officer*
------------------------------
Message: 2
Date: Mon, 15 Oct 2018 12:45:04 +0000
From: Philippe Gauthier <philippe.gauthier(a)inspq.qc.ca>
Subject: [keycloak-user]
org.keycloak.broker.oidc.mappers.ClaimToRoleMapper does not update
user roles
To: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
Cc: ?tienne Sadio <etienne.sadio(a)inspq.qc.ca>
Message-ID:
<
YTOPR0101MB141798E50DFEF73BB8C32857B1FD0(a)YTOPR0101MB1417.CANPRD01.PROD.OUTLOOK.COM
>
Content-Type: text/plain; charset="iso-8859-1"
Hi
I saw a 2017 post from Simon Payne about ClaimToRoleMapper and I cannot
find any answers for his question.
http://lists.jboss.org/pipermail/keycloak-user/2017-October/012129.html
This post was about ClaimToRoleMapper class of the OIDC broker component.
This class search for a claim, check for its value and grant a role if the
value is equals to the value specified in the configuration.
If the user from the IdP is not known by Keycloak, it will be created by
the First Broker Login Flow and the role will be granted.
If the user is already known by Keycloak, he have the role specified by
the mapper and he don't have the claim anymore, the role will be revocated.
But. If the user is known by Keycloak, he don't have the role specified by
the mapper and he have the claim, Keycloak does not grant him the role.
It is clear why it does this in the code but it is not clear why this have
been done that way:
Here is the code.
@Override
public void importNewUser(KeycloakSession session, RealmModel realm,
UserModel user, IdentityProviderMapperModel mapperModel,
BrokeredIdentityContext context) {
String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
if (hasClaimValue(mapperModel, context)) {
RoleModel role = KeycloakModelUtils.getRoleFromString(realm,
roleName);
if (role == null) throw new IdentityBrokerException("Unable to
find role: " + roleName);
user.grantRole(role);
}
}
@Override
public void updateBrokeredUser(KeycloakSession session, RealmModel
realm, UserModel user, IdentityProviderMapperModel mapperModel,
BrokeredIdentityContext context) {
String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
if (!hasClaimValue(mapperModel, context)) {
RoleModel role = KeycloakModelUtils.getRoleFromString(realm,
roleName);
if (role == null) throw new IdentityBrokerException("Unable to
find role: " + roleName);
user.deleteRoleMapping(role);
}
/* Maybe we should add an else here that does what the importNewUser
does.
}
Thankyou
Philippe Gauthier.
------------------------------
Message: 3
Date: Mon, 15 Oct 2018 09:53:48 -0300
From: Fabio Ebner <fabio.ebner(a)lumera.com.br>
Subject: Re: [keycloak-user] Unrecognized field
"authenticationFlowBindingOverrides"
To: Marek Posolda <mposolda(a)redhat.com>
Cc: keycloak-user(a)lists.jboss.org
Message-ID:
<
CAFxMZba+qwDnfkrggWXn6U+iY_hZYpMJ0CzMYvrtYgMmL3rQ9g(a)mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Marek tks I was using a old version in my pom. but after I put the correct
4.5.0.Final when I try to start my project throw an exception:
Caused by: java.lang.NoClassDefFoundError:
org/springframework/boot/web/server/WebServerFactoryCustomizer
Look in the google say that class are only in springboot > 2 so I update my
project to Springboot 2.0.5.Final, now my project start but when I try to
access any url I got the error:
in a loop:
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
2018-10-15 09:50:12.363 ERROR 20936 --- [nio-8081-exec-2]
o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
/favicon.ico
java.lang.StackOverflowError: null
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at or
.....
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
2018-10-15 09:50:12.387 ERROR 20936 --- [nio-8081-exec-2]
o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet
[dispatcherServlet] threw exception
java.lang.StackOverflowError: null
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
......
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
2018-10-15 09:50:12.399 ERROR 20936 --- [nio-8081-exec-2]
o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
ErrorPage[errorCode=0, location=/error]
javax.servlet.ServletException: Filter execution threw an exception
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:472)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:395)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:316)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:395)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:254)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:349)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.tomcat.util.net
.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.tomcat.util.net
.SocketProcessorBase.run(SocketProcessorBase.java:49)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[na:1.8.0_162]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[na:1.8.0_162]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_162]
Caused by: java.lang.StackOverflowError: null
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
....
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
2018-10-15 09:50:12.425 ERROR 20936 --- [nio-8081-exec-2]
o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet
[dispatcherServlet] threw exception
java.lang.StackOverflowError: null
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at org.keycloak.ada
....
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
2018-10-15 09:50:12.437 ERROR 20936 --- [nio-8081-exec-2]
o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
ErrorPage[errorCode=0, location=/error]
javax.servlet.ServletException: Filter execution threw an exception
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:472)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:395)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:316)
~[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:395)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:254)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:349)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:175)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.tomcat.util.net
.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
org.apache.tomcat.util.net
.SocketProcessorBase.run(SocketProcessorBase.java:49)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[na:1.8.0_162]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[na:1.8.0_162]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
[tomcat-embed-core-8.5.34.jar:8.5.34]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_162]
Caused by: java.lang.StackOverflowError: null
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
at org.key
Em seg, 15 de out de 2018 ?s 04:19, Marek Posolda <mposolda(a)redhat.com>
escreveu:
> I think the field "authenticationFlowBindingOverrides" was added in some
> Keycloak 4.X version. I suggest to update Keycloak dependencies versions
> in your pom from 3.4.3.Final to same version, which your Keycloak server
> is.
>
> Marek
>
> On 13/10/18 04:18, Fabio Ebner wrote:
> > When I try to get my client wit this code:
> >
> > ClientRepresentation app1Client =
> >
realmResource.clients().findByClientId("central-api").get(0);
> >
> >
> > that error return:
> >
> > javax.ws.rs.client.ResponseProcessingException:
> > javax.ws.rs.ProcessingException:
> > com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:
> > Unrecognized field "authenticationFlowBindingOverrides" (class
> > org.keycloak.representations.idm.ClientRepresentation), not marked as
> > ignorable (38 known properties: "enabled",
"clientAuthenticatorType",
> > "redirectUris", "clientId",
"authorizationServicesEnabled", "name",
> > "implicitFlowEnabled", "registeredNodes",
"nodeReRegistrationTimeout",
> > "publicClient", "attributes", "protocol",
"webOrigins",
> "protocolMappers",
> > "id", "baseUrl", "surrogateAuthRequired",
"adminUrl",
"fullScopeAllowed",
> > "frontchannelLogout", "clientTemplate",
"directGrantsOnly", "rootUrl",
> > "secret", "useTemplateMappers", "notBefore",
"useTemplateScope",
> > "standardFlowEnabled", "description",
"directAccessGrantsEnabled",
> > "useTemplateConfig", "serviceAccountsEnabled",
"consentRequired",
> "access",
> > "bearerOnly", "registrationAccessToken",
"defaultRoles",
> > "authorizationSettings"])
> >
> >
> >
> > this is my pom.
> >
> > <!--keycloak-->
> > <dependency>
> > <groupId>org.keycloak</groupId>
> > <artifactId>keycloak-spring-security-adapter</artifactId>
> > <version>3.4.3.Final</version>
> > </dependency>
> > <dependency>
> > <groupId>org.keycloak</groupId>
> > <artifactId>keycloak-spring-boot-starter</artifactId>
> > <version>3.4.3.Final</version>
> > </dependency>
> > <dependency>
> > <groupId>org.keycloak</groupId>
> > <artifactId>keycloak-admin-client</artifactId>
> > <version>3.4.3.Final</version>
> > </dependency>
> > <dependency>
> > <groupId>javax.ws.rs</groupId>
> > <artifactId>javax.ws.rs-api</artifactId>
> > <version>2.1</version>
> > </dependency>
> > <!--resteasy-->
> > <dependency>
> > <groupId>org.jboss.resteasy</groupId>
> > <artifactId>resteasy-client</artifactId>
> > <version>3.1.3.Final</version>
> > </dependency>
> > <dependency>
> > <groupId>org.jboss.resteasy</groupId>
> > <artifactId>resteasy-jackson2-provider</artifactId>
> > <version>3.1.3.Final</version>
> > </dependency>
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
------------------------------
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
End of keycloak-user Digest, Vol 58, Issue 37
*********************************************
2:36 p.m.
I spent way more time on this than I'd like to admit, but finally came up
with a "general" solution.
#
# Set the requirement value for a particular flow's
# execution
#
# Expected parameters:
# $1 - The authentication flow alias
# $2 - The execution identifier
# $3 - The required value
#
function setAuthFlowExecutionRequirement {
echo "Setting execution with id $2 in flow $1 to $3..."
${KCADM} get authentication/flows/$1/executions -r ${REALM_NAME} | \
jq --arg exec_id $2 --arg requirement $3 'map(select(.id |
contains($exec_id))) | .[0] | .requirement |= $requirement' | \
${KCADM} update authentication/flows/$1/executions -r ${REALM_NAME}
-n -f -
}
After a lot of poking around, there were a couple of things that lead to
this difficulty:
- The administration service explicitly ignores the incoming requirement
on the create/POST and always sets the requirement to DISABLED. I'm not
really sure why that might be the case. but significantly complicates
things.
- The only place I could find that I could change it was via the
authentication/flows/$flow_id/executions endpoint. That endpoint expects a
single JSON object containing the fields, including the execution ID
- However, a GET of the same endpoint, returns an array of execution
objects which cannot be used immediately to call the update
Thus, this solution depends on "jq" for a bit of help to take the array of
execution definitions, capture the specific object definition associated
with the execution ID, and update the requirement field of that object
before using it for the update/PUT.
Hopefully this may be useful to others.
Craig
=================================
*Craig Setera*
*Chief Technology Officer*
On Mon, Oct 15, 2018 at 10:02 AM triton oidc <triton.oidc(a)gmail.com> wrote:
Hi Craig,
i'm not an expert, but here is what i did to set my execution value to
REQUIRED :
create a json with
{"id":[ID_OF_YOUR_EXECUTION],"requirement":"REQUIRED"}
put it in a file my_file.json
you can have the id of you execution using this command
./kcadm.sh get authentication/flows/[your_flow]/executions --format csv -r
$keycloak_new_realm --fields id | tr -d '\n'
and you can import the file using this command :
./kcadm.sh update authentication/flows/[your_flow]/executions -r
$keycloak_new_realm -f my_file.json
There is probably a better way but i didn't found it
hope it helps
Amaury
On Mon, Oct 15, 2018 at 1:07 PM <keycloak-user-request(a)lists.jboss.org>
wrote:
> Send keycloak-user mailing list submissions to
> keycloak-user(a)lists.jboss.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> or, via email, send a message with subject or body 'help' to
> keycloak-user-request(a)lists.jboss.org
>
> You can reach the person managing the list at
> keycloak-user-owner(a)lists.jboss.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of keycloak-user digest..."
>
>
> Today's Topics:
>
> 1. Setting authentication execution requirement via kcadm.sh?
> (Craig Setera)
> 2. org.keycloak.broker.oidc.mappers.ClaimToRoleMapper does not
> update user roles (Philippe Gauthier)
> 3. Re: Unrecognized field "authenticationFlowBindingOverrides"
> (Fabio Ebner)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 15 Oct 2018 07:21:30 -0500
> From: Craig Setera <craig(a)baseventure.com>
> Subject: [keycloak-user] Setting authentication execution requirement
> via kcadm.sh?
> To: keycloak-user(a)lists.jboss.org
> Message-ID:
> <
> CAPVdwjq1oyjCom4_A0TBJ8m3KBCgit5nOqMCGqKP4t2RU6zb5Q(a)mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> I'm trying to figure out if it is possible to set the "requirement"
level
> of an execution that is created for an authentication flow via the kcadm
> tool. I have a shell script that I'm using to set up the Keycloak
> configuration that looks like the following:
>
>
> *echo "Creating new authentication flow..."AUTO_LINK_FLOW_ID=`${KCADM}
> create authentication/flows --id -r ${REALM_NAME} -s
> alias="FirstBrokerLoginAutoLink" -s providerId="basic-flow" -s
> topLevel=true`*
>
>
>
> *echo "Adding unique authenticator..."${KCADM} create
> authentication/flows/FirstBrokerLoginAutoLink/executions/execution --id -r
> ${REALM_NAME} \ -s provider=idp-create-user-if-unique -s
> requirement=ALTERNATIVE -s priority=10*
>
>
>
>
> *echo "Adding auto link authenticator..."${KCADM} create
> authentication/flows/FirstBrokerLoginAutoLink/executions/execution -r
> ${REALM_NAME} \ -s provider=idp-auto-link -s requirement=ALTERNATIVE -s
> priority=20*
> With this script, I'm seeing the flow and executions created, but the
> requirement seems to be ignored. In this case, the executions are always
> set to DISABLED. I've tried to follow that up with an update call that
> looks like this:
>
>
>
>
>
>
> *echo "Adding unique authenticator..."EXECUTION_ID=`${KCADM} create
> authentication/flows/FirstBrokerLoginAutoLink/executions/execution --id -r
> ${REALM_NAME} \ -s provider=idp-create-user-if-unique -s
> requirement=ALTERNATIVE -s priority=10`${KCADM} update
> authentication/flows/FirstBrokerLoginAutoLink/executions -r ${REALM_NAME}
> \ -s id=${EXECUTION_ID} -s requirement=ALTERNATIVE*
>
> However, that is failing with the following error:
>
>
>
> *HTTP request error: Can not deserialize instance of
> com.fasterxml.jackson.databind.node.ObjectNode out of START_ARRAY tokenat
> [Source: [B@527ee8a7; line: 1, column: 1]*
> Can anyone offer any suggestions on how to get this authentication flow
> properly configured so that the executions are set to ALTERNATIVE?
>
> Thanks!
> Craig
>
> =================================
> *Craig Setera*
>
> *Chief Technology Officer*
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 15 Oct 2018 12:45:04 +0000
> From: Philippe Gauthier <philippe.gauthier(a)inspq.qc.ca>
> Subject: [keycloak-user]
> org.keycloak.broker.oidc.mappers.ClaimToRoleMapper does not update
> user roles
> To: "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org>
> Cc: ?tienne Sadio <etienne.sadio(a)inspq.qc.ca>
> Message-ID:
> <
> YTOPR0101MB141798E50DFEF73BB8C32857B1FD0(a)YTOPR0101MB1417.CANPRD01.PROD.OUTLOOK.COM
> >
>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi
>
>
> I saw a 2017 post from Simon Payne about ClaimToRoleMapper and I cannot
> find any answers for his question.
>
> http://lists.jboss.org/pipermail/keycloak-user/2017-October/012129.html
>
>
> This post was about ClaimToRoleMapper class of the OIDC broker component.
> This class search for a claim, check for its value and grant a role if the
> value is equals to the value specified in the configuration.
>
>
> If the user from the IdP is not known by Keycloak, it will be created by
> the First Broker Login Flow and the role will be granted.
>
>
> If the user is already known by Keycloak, he have the role specified by
> the mapper and he don't have the claim anymore, the role will be revocated.
>
>
> But. If the user is known by Keycloak, he don't have the role specified
> by the mapper and he have the claim, Keycloak does not grant him the role.
>
>
> It is clear why it does this in the code but it is not clear why this
> have been done that way:
>
>
> Here is the code.
>
> @Override
> public void importNewUser(KeycloakSession session, RealmModel realm,
> UserModel user, IdentityProviderMapperModel mapperModel,
> BrokeredIdentityContext context) {
> String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
> if (hasClaimValue(mapperModel, context)) {
> RoleModel role = KeycloakModelUtils.getRoleFromString(realm,
> roleName);
> if (role == null) throw new IdentityBrokerException("Unable to
> find role: " + roleName);
> user.grantRole(role);
> }
> }
>
> @Override
> public void updateBrokeredUser(KeycloakSession session, RealmModel
> realm, UserModel user, IdentityProviderMapperModel mapperModel,
> BrokeredIdentityContext context) {
> String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
> if (!hasClaimValue(mapperModel, context)) {
> RoleModel role = KeycloakModelUtils.getRoleFromString(realm,
> roleName);
> if (role == null) throw new IdentityBrokerException("Unable to
> find role: " + roleName);
> user.deleteRoleMapping(role);
> }
> /* Maybe we should add an else here that does what the importNewUser
> does.
> }
> Thankyou
>
> Philippe Gauthier.
>
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 15 Oct 2018 09:53:48 -0300
> From: Fabio Ebner <fabio.ebner(a)lumera.com.br>
> Subject: Re: [keycloak-user] Unrecognized field
> "authenticationFlowBindingOverrides"
> To: Marek Posolda <mposolda(a)redhat.com>
> Cc: keycloak-user(a)lists.jboss.org
> Message-ID:
> <
> CAFxMZba+qwDnfkrggWXn6U+iY_hZYpMJ0CzMYvrtYgMmL3rQ9g(a)mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> Marek tks I was using a old version in my pom. but after I put the correct
> 4.5.0.Final when I try to start my project throw an exception:
>
> Caused by: java.lang.NoClassDefFoundError:
> org/springframework/boot/web/server/WebServerFactoryCustomizer
>
> Look in the google say that class are only in springboot > 2 so I update
> my
> project to Springboot 2.0.5.Final, now my project start but when I try to
> access any url I got the error:
>
> in a loop:
>
>
>
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>
> 2018-10-15 09:50:12.363 ERROR 20936 --- [nio-8081-exec-2]
> o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
> /favicon.ico
>
> java.lang.StackOverflowError: null
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at or
>
> .....
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>
> 2018-10-15 09:50:12.387 ERROR 20936 --- [nio-8081-exec-2]
> o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet
> [dispatcherServlet] threw exception
>
> java.lang.StackOverflowError: null
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> ......
>
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>
> 2018-10-15 09:50:12.399 ERROR 20936 --- [nio-8081-exec-2]
> o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
> ErrorPage[errorCode=0, location=/error]
>
> javax.servlet.ServletException: Filter execution threw an exception
> at
>
>
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:472)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:395)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:316)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:395)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:254)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:349)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
> org.apache.tomcat.util.net
> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
> org.apache.tomcat.util.net
> .SocketProcessorBase.run(SocketProcessorBase.java:49)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> [na:1.8.0_162]
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> [na:1.8.0_162]
> at
>
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at java.lang.Thread.run(Thread.java:748) [na:1.8.0_162]
> Caused by: java.lang.StackOverflowError: null
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> ....
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>
> 2018-10-15 09:50:12.425 ERROR 20936 --- [nio-8081-exec-2]
> o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet
> [dispatcherServlet] threw exception
>
> java.lang.StackOverflowError: null
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at org.keycloak.ada
> ....
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>
> 2018-10-15 09:50:12.437 ERROR 20936 --- [nio-8081-exec-2]
> o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
> ErrorPage[errorCode=0, location=/error]
>
> javax.servlet.ServletException: Filter execution threw an exception
> at
>
>
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:472)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:395)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:316)
> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:395)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:254)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:349)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:175)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
>
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
> org.apache.tomcat.util.net
> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
> org.apache.tomcat.util.net
> .SocketProcessorBase.run(SocketProcessorBase.java:49)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> [na:1.8.0_162]
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> [na:1.8.0_162]
> at
>
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> [tomcat-embed-core-8.5.34.jar:8.5.34]
> at java.lang.Thread.run(Thread.java:748) [na:1.8.0_162]
> Caused by: java.lang.StackOverflowError: null
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at
>
>
org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
> at org.key
>
>
>
> Em seg, 15 de out de 2018 ?s 04:19, Marek Posolda <mposolda(a)redhat.com>
> escreveu:
>
> > I think the field "authenticationFlowBindingOverrides" was added in
some
> > Keycloak 4.X version. I suggest to update Keycloak dependencies versions
> > in your pom from 3.4.3.Final to same version, which your Keycloak server
> > is.
> >
> > Marek
> >
> > On 13/10/18 04:18, Fabio Ebner wrote:
> > > When I try to get my client wit this code:
> > >
> > > ClientRepresentation app1Client =
> > >
realmResource.clients().findByClientId("central-api").get(0);
> > >
> > >
> > > that error return:
> > >
> > > javax.ws.rs.client.ResponseProcessingException:
> > > javax.ws.rs.ProcessingException:
> > > com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:
> > > Unrecognized field "authenticationFlowBindingOverrides" (class
> > > org.keycloak.representations.idm.ClientRepresentation), not marked as
> > > ignorable (38 known properties: "enabled",
"clientAuthenticatorType",
> > > "redirectUris", "clientId",
"authorizationServicesEnabled", "name",
> > > "implicitFlowEnabled", "registeredNodes",
"nodeReRegistrationTimeout",
> > > "publicClient", "attributes", "protocol",
"webOrigins",
> > "protocolMappers",
> > > "id", "baseUrl", "surrogateAuthRequired",
"adminUrl",
> "fullScopeAllowed",
> > > "frontchannelLogout", "clientTemplate",
"directGrantsOnly", "rootUrl",
> > > "secret", "useTemplateMappers", "notBefore",
"useTemplateScope",
> > > "standardFlowEnabled", "description",
"directAccessGrantsEnabled",
> > > "useTemplateConfig", "serviceAccountsEnabled",
"consentRequired",
> > "access",
> > > "bearerOnly", "registrationAccessToken",
"defaultRoles",
> > > "authorizationSettings"])
> > >
> > >
> > >
> > > this is my pom.
> > >
> > > <!--keycloak-->
> > > <dependency>
> > > <groupId>org.keycloak</groupId>
> > > <artifactId>keycloak-spring-security-adapter</artifactId>
> > > <version>3.4.3.Final</version>
> > > </dependency>
> > > <dependency>
> > > <groupId>org.keycloak</groupId>
> > > <artifactId>keycloak-spring-boot-starter</artifactId>
> > > <version>3.4.3.Final</version>
> > > </dependency>
> > > <dependency>
> > > <groupId>org.keycloak</groupId>
> > > <artifactId>keycloak-admin-client</artifactId>
> > > <version>3.4.3.Final</version>
> > > </dependency>
> > > <dependency>
> > > <groupId>javax.ws.rs</groupId>
> > > <artifactId>javax.ws.rs-api</artifactId>
> > > <version>2.1</version>
> > > </dependency>
> > > <!--resteasy-->
> > > <dependency>
> > > <groupId>org.jboss.resteasy</groupId>
> > > <artifactId>resteasy-client</artifactId>
> > > <version>3.1.3.Final</version>
> > > </dependency>
> > > <dependency>
> > > <groupId>org.jboss.resteasy</groupId>
> > > <artifactId>resteasy-jackson2-provider</artifactId>
> > > <version>3.1.3.Final</version>
> > > </dependency>
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user(a)lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> >
>
>
> ------------------------------
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> End of keycloak-user Digest, Vol 58, Issue 37
> *********************************************
>
2175
days inactive
2249
days old
1 comments
2 participants
participants (2)
-
Craig Setera -
triton oidc