May 2014 - keycloak-user - Jboss List Archives

by Rodrigo Sasaki

Hi, I tried configuring and running the *unconfigured-demo* that is inside the appliance distribution, in the examples directory. I have done this before in previous versions of keycloak, but I wanted to get it working on the latest version on the master branch. I configured it all like the examples in Bill Burke's YouTube tutorial, with one difference. Now Keycloak demands a redirect-url, which it didn't before, so I made it the same as the Admin URL, maybe that's where the problem is, but when I try to access a keycloak secured page, I get this: HTTP Status 404 - Could not find resource for relative : /rest/realms/demo/tokens/login of full path: http://localhost:8080/auth/rest/realms/demo/tokens/login?client_id=produc... ------------------------------ *type* Status report *message* *Could not find resource for relative : /rest/realms/demo/tokens/login of full path: http://localhost:8080/auth/rest/realms/demo/tokens/login?client_id=produc... <http://localhost:8080/auth/rest/realms/demo/tokens/login?client_id=produc...>* *description* *The requested resource (Could not find resource for relative : /rest/realms/demo/tokens/login of full path: http://localhost:8080/auth/rest/realms/demo/tokens/login?client_id=produc... <http://localhost:8080/auth/rest/realms/demo/tokens/login?client_id=produc...>) is not available.* Is the problem in the redirect-url? Or could it be something else? -- Rodrigo Sasaki

11 years, 10 months

2
1
0 / 0

Got 'Internal Server Error'--at org.wildfly.extension.undertow.Server.lookupSecurePort

by Weikun Wen

Hi KeyClock Team, I tried to set up the Keycloak server and its sample Restful service 'product database'. All the setup steps was quite straightforward with the help of reference guide, but when i try to get the resouces behind /database/products, i can get the redirect login page and manage to login with the test account.but after all, i got a 'internal server error'. Below is the exception showed in my server log, am i missing anything during my setup? 2014-05-25 14:05:53,117 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /database/products: java.lang.NullPointerException at org.wildfly.extension.undertow.Server.lookupSecurePort(Server.java:113) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$2.getConfidentialPort(UndertowDeploymentInfoService.java:454) at org.keycloak.adapters.wildfly.WildflyAuthenticationMechanism.createRequestAuthenticator(WildflyAuthenticationMechanism.java:26) [keycloak-wildfly-adapter-1.0-alpha-4.jar:] at org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:32) [keycloak-undertow-adapter-1.0-alpha-4.jar:] at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:281) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:298) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:268) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:131) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:106) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:99) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:52) [keycloak-undertow-adapter-1.0-alpha-4.jar:] at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final] at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:687) [undertow-core-1.0.0.Final.jar:1.0.0.Final] at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [rt.jar:1.7.0_51] at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [rt.jar:1.7.0_51] at java.lang.Thread.run(Unknown Source) [rt.jar:1.7.0_51] Thanks & Regards, weikun

11 years, 10 months

1
0
0 / 0

Add Realm button disappeared?

by Rodrigo Sasaki

I have updated to the latest master, and was about to try to make the unconfigured-demo example work with the current version, so I could do some tests, but the "Add Realm" button had disappeared. I tried a new clone on the git repo so I'd have the cleanest version possible, and still the same thing. Is there a new flow to add a realm now? -- Rodrigo Sasaki

11 years, 10 months

2
3
0 / 0

Login Theme Development / Deployment

by Josh

Hi, I have found in the examples folder there is a "sunrise" login theme. My question is what is the workflow for developing one of these themes for Keycloak? Once I have a keycloak server deployed, how do I update login themes? Thanks, Josh

11 years, 10 months

2
3
0 / 0

Exporting a realm

by Stan Silvert

I see from KEYCLOAK-309 that exporting a realm has been implemented. How do I actually do this? Maybe I'm just blind, but I don't see anything in the UI. Is there a command line tool for it? Stan

11 years, 10 months

3
6
0 / 0

Re: [keycloak-user] Deployment failure

by Rodrigo Sasaki

Just as an update, I tried removing the audit persistence-unit, along with the audit part of the project, from the pom and everything. Now I don't get any messages saying that the persistence unit is missing/unsatisfied, although I cannot access it via the url *http://localhost:8080/auth <http://localhost:8080/auth>* I get a 404 error. I know this isn't a solution (removing a module), but I'm just trying to pinpoint the problem. The console output isn't long, and I couldn't identify any errors on it, I'll post it here. Please let me know if I shouldn't post console logs here, or if I should post them in a different way. /opt/keycloak/jboss-as-7.1.1.Final/bin/standalone.sh Detected server admin port: 9999 Detected server http port: 8080 [2014-05-22 10:32:45,305] Artifact auth-server: Server is not connected. Deploy is not available. ========================================================================= JBoss Bootstrap Environment JBOSS_HOME: /opt/keycloak/jboss-as-7.1.1.Final JAVA: /opt/jdk1.7.0_25/bin/java JAVA_OPTS: -server -XX:+UseCompressedOops -XX:+TieredCompilation -Xms64m -Xmx512m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true -Djboss.server.default.config=standalone.xml ========================================================================= 10:32:45,571 INFO [org.jboss.modules] JBoss Modules version 1.1.1.GA 10:32:45,671 INFO [org.jboss.msc] JBoss MSC version 1.0.2.GA 10:32:45,699 INFO [org.jboss.as] JBAS015899: JBoss AS 7.1.1.Final "Brontes" starting 10:32:46,160 INFO [org.xnio] XNIO Version 3.0.3.GA 10:32:46,160 INFO [org.jboss.as.server] JBAS015888: Creating http management service using socket-binding (management-http) 10:32:46,167 INFO [org.xnio.nio] XNIO NIO Implementation Version 3.0.3.GA 10:32:46,174 INFO [org.jboss.remoting] JBoss Remoting version 3.2.3.GA 10:32:46,187 INFO [org.jboss.as.logging] JBAS011502: Removing bootstrap log handlers 10:32:46,191 INFO [org.jboss.as.configadmin] (ServerService Thread Pool -- 28) JBAS016200: Activating ConfigAdmin Subsystem 10:32:46,199 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 33) JBAS010280: Activating Infinispan subsystem. 10:32:46,222 INFO [org.jboss.as.osgi] (ServerService Thread Pool -- 41) JBAS011940: Activating OSGi Subsystem 10:32:46,228 INFO [org.jboss.as.connector] (MSC service thread 1-6) JBAS010408: Starting JCA Subsystem (JBoss IronJacamar 1.0.9.Final) 10:32:46,229 INFO [org.jboss.as.naming] (ServerService Thread Pool -- 40) JBAS011800: Activating Naming Subsystem 10:32:46,230 INFO [org.jboss.as.security] (ServerService Thread Pool -- 46) JBAS013101: Activating Security Subsystem 10:32:46,239 INFO [org.jboss.as.security] (MSC service thread 1-12) JBAS013100: Current PicketBox version=4.0.7.Final 10:32:46,247 INFO [org.jboss.as.webservices] (ServerService Thread Pool -- 50) JBAS015537: Activating WebServices Extension 10:32:46,273 INFO [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 29) JBAS010403: Deploying JDBC-compliant driver class org.h2.Driver (version 1.3) 10:32:46,326 INFO [org.jboss.as.naming] (MSC service thread 1-14) JBAS011802: Starting Naming Service 10:32:46,328 INFO [org.jboss.as.mail.extension] (MSC service thread 1-14) JBAS015400: Bound mail session [java:jboss/mail/Default] 10:32:46,381 INFO [org.jboss.ws.common.management.AbstractServerConfig] (MSC service thread 1-4) JBoss Web Services - Stack CXF Server 4.0.2.GA 10:32:46,396 INFO [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-14) Starting Coyote HTTP/1.1 on http--127.0.0.1-8080 10:32:46,570 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread 1-15) JBAS015012: Started FileSystemDeploymentService for directory /opt/keycloak/jboss-as-7.1.1.Final/standalone/deployments 10:32:46,572 INFO [org.jboss.as.remoting] (MSC service thread 1-9) JBAS017100: Listening on /127.0.0.1:9999 10:32:46,572 INFO [org.jboss.as.remoting] (MSC service thread 1-16) JBAS017100: Listening on /127.0.0.1:4447 10:32:46,579 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-14) JBAS010400: Bound data source [java:jboss/datasources/ExampleDS] 10:32:46,735 INFO [org.jboss.as] (Controller Boot Thread) JBAS015951: Admin console listening on http://127.0.0.1:9990 10:32:46,736 INFO [org.jboss.as] (Controller Boot Thread) JBAS015874: JBoss AS 7.1.1.Final "Brontes" started in 1306ms - Started 134 of 209 services (74 services are passive or on-demand) Connected to server [2014-05-22 10:32:47,058] Artifact auth-server: Artifact is being deployed, please wait... 10:32:47,236 INFO [org.jboss.as.server.deployment] (MSC service thread 1-5) JBAS015876: Starting deployment of "auth-server" 10:32:47,306 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) JBAS018567: Deployment "deployment.auth-server" is using a private module ("org.apache.httpcomponents:main") which may be changed or removed in future versions without notice. 10:32:47,308 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) JBAS018567: Deployment "deployment.auth-server" is using a private module ("org.apache.httpcomponents:main") which may be changed or removed in future versions without notice. 10:32:47,309 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) JBAS018567: Deployment "deployment.auth-server" is using a private module ("org.codehaus.jackson.jackson-core-asl:main") which may be changed or removed in future versions without notice. 10:32:47,310 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) JBAS018567: Deployment "deployment.auth-server" is using a private module ("org.codehaus.jackson.jackson-core-asl:main") which may be changed or removed in future versions without notice. 10:32:47,312 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) JBAS018567: Deployment "deployment.auth-server" is using a private module ("org.codehaus.jackson.jackson-mapper-asl:main") which may be changed or removed in future versions without notice. 10:32:47,313 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) JBAS018567: Deployment "deployment.auth-server" is using a private module ("org.codehaus.jackson.jackson-mapper-asl:main") which may be changed or removed in future versions without notice. 10:32:47,477 INFO [org.jboss.as.server] (management-handler-thread - 2) JBAS018559: Deployed "auth-server" [2014-05-22 10:32:47,489] Artifact auth-server: Artifact is deployed successfully On Tue, May 20, 2014 at 3:30 PM, Rodrigo Sasaki <rodrigopsasaki(a)gmail.com>wrote: > Thank you very much. > > Please let me know if there's any extra information I can provide to help > you. > > > On Tue, May 20, 2014 at 3:24 PM, Bill Burke <bburke(a)redhat.com> wrote: > >> I'll look into it tonight. >> >> On 5/20/2014 1:36 PM, Rodrigo Sasaki wrote: >> > I have been using Keycloak building directly form Github sources for a >> > while now without any trouble, >> > >> > Today I updated my version here and now I can't deploy it anymore, is it >> > expected? >> > >> > Here are some specifics: >> > >> > I'm using JBoss 7.1.1.Final. >> > >> > I added the *extension* and the *subsystem* as requested in item >> > *6.2.1* of the Keycloak Reference Guide. >> > >> > I also extracted the adapter zip into the modules, it was all working, >> > but today I have this message, and I can't quite sort out the problem: >> > >> > >> > *14:27:50,537 ERROR [org.jboss.as <http://org.jboss.as>] (MSC service >> > thread 1-8) JBAS015875: JBoss AS 7.1.1.Final "Brontes" started (with >> > errors) in 2271ms - Started 196 of 304 services (28 services failed or >> > missing dependencies, 78 services are passive or on-demand)* >> > * >> > * >> > *14:27:50,739 INFO [org.jboss.as.server] (DeploymentScanner-threads - >> > 2) JBAS015870: Deploy of deployment "auth-server.war" was rolled back >> > with failure message {"JBAS014771: Services with missing/unavailable >> > dependencies" => * >> > >> *["jboss.deployment.unit.\"auth-server.war\".WeldServicejboss.persistenceunit.\"auth-server.war#jpa-keycloak-audit-store\", >> > * >> > >> *jboss.persistenceunit.\"auth-server.war#jpa-keycloak-identity-store\"Missing[jboss.deployment.unit.\"auth-server.war\".WeldServicejboss.persistenceunit.\"auth-server.war#jpa-keycloak-audit-store\", >> > * >> > >> *jboss.persistenceunit.\"auth-server.war#jpa-keycloak-identity-store\"]"]}* >> > * >> > * >> > * >> > * >> > and directly below that >> > >> > *JBAS014775: New missing/unsatisfied dependencies:* >> > * service >> > jboss.persistenceunit."auth-server.war#jpa-keycloak-audit-store" >> > (missing) dependents: [service >> > jboss.deployment.unit."auth-server.war".WeldService] * >> > * service >> > jboss.persistenceunit."auth-server.war#jpa-keycloak-identity-store" >> > (missing) dependents: [service >> > jboss.deployment.unit."auth-server.war".WeldService] * >> > * >> > * >> > Did I do something wrong, or is this expected in the current code base? >> > Perhaps there's something I can do to satisfy these dependencies >> > >> > >> > -- >> > Rodrigo Sasaki >> > >> > >> > _______________________________________________ >> > keycloak-user mailing list >> > keycloak-user(a)lists.jboss.org >> > https://lists.jboss.org/mailman/listinfo/keycloak-user >> > >> >> -- >> Bill Burke >> JBoss, a division of Red Hat >> http://bill.burkecentral.com >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user >> > > > > -- > Rodrigo Sasaki > -- Rodrigo Sasaki

11 years, 10 months

2
7
0 / 0

Re: [keycloak-user] MongoDB - Model provider not found

by Davide Ungari

I found out that: 1- the command "mvn package" does not include mongo module and driver 2- there is a regression on data model, updating source of keycloak I must drop database in order to see the admin console works again -- Davide

11 years, 10 months

3
10
0 / 0

Deployment failure

by Rodrigo Sasaki

I have been using Keycloak building directly form Github sources for a while now without any trouble, Today I updated my version here and now I can't deploy it anymore, is it expected? Here are some specifics: I'm using JBoss 7.1.1.Final. I added the *extension* and the *subsystem* as requested in item *6.2.1* of the Keycloak Reference Guide. I also extracted the adapter zip into the modules, it was all working, but today I have this message, and I can't quite sort out the problem: *14:27:50,537 ERROR [org.jboss.as <http://org.jboss.as>] (MSC service thread 1-8) JBAS015875: JBoss AS 7.1.1.Final "Brontes" started (with errors) in 2271ms - Started 196 of 304 services (28 services failed or missing dependencies, 78 services are passive or on-demand)* *14:27:50,739 INFO [org.jboss.as.server] (DeploymentScanner-threads - 2) JBAS015870: Deploy of deployment "auth-server.war" was rolled back with failure message {"JBAS014771: Services with missing/unavailable dependencies" => * *["jboss.deployment.unit.\"auth-server.war\".WeldServicejboss.persistenceunit.\"auth-server.war#jpa-keycloak-audit-store\", * *jboss.persistenceunit.\"auth-server.war#jpa-keycloak-identity-store\"Missing[jboss.deployment.unit.\"auth-server.war\".WeldServicejboss.persistenceunit.\"auth-server.war#jpa-keycloak-audit-store\", * *jboss.persistenceunit.\"auth-server.war#jpa-keycloak-identity-store\"]"]}* and directly below that *JBAS014775: New missing/unsatisfied dependencies:* * service jboss.persistenceunit."auth-server.war#jpa-keycloak-audit-store" (missing) dependents: [service jboss.deployment.unit."auth-server.war".WeldService] * * service jboss.persistenceunit."auth-server.war#jpa-keycloak-identity-store" (missing) dependents: [service jboss.deployment.unit."auth-server.war".WeldService] * Did I do something wrong, or is this expected in the current code base? Perhaps there's something I can do to satisfy these dependencies -- Rodrigo Sasaki

11 years, 10 months

2
1
0 / 0

How to logout user from keycloak

by Peter Bardac

Hi, I'd like to ask how can i simply logout from web application. It seems that using simple HttpServletRequest.logout() does not work for me. Thanks

11 years, 10 months

2
1
0 / 0

No refresh-token when requesting access token

by Nils Preusker

Hi, I noticed that when I request an access token (curl -v -H "Content-type: application/x-www-form-urlencoded" http://localhost:8080/auth/rest/realms/keycloak-admin/tokens/grants/acces... "client_id=...&client_secret=...&username=...&password=..." -H "Accept: application/json"), the response doesn't contain a refresh token. Is this intentional? And might it change in future versions? According to http://tools.ietf.org/html/rfc6749#section-4.3 (which is the spec the above method implements, right?), the refresh token in the access token response is optional. If I'm not mistaken, adding .generateRefreshToken() here: https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o... should do the trick, right? Cheers, Nils

11 years, 10 months

3
3
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user May 2014