Re: [keycloak-user] Keycloak 1.0 Final Released
by Patrick V. Madden
Congratulations!
I will upgrade my release candidate we have running internally in the next day or so :) We are using it for a bunch of internal enterprise applications we are writing.
I really want to say thank you for the great work you all have done!
Patrick Madden
Principal Design Engineer
Tom Sawyer Software
1997 El Dorado Avenue
Berkeley, CA 94707
Cell: +1 (845) 416-4629
E-mail: pmadden@ tomsawyer.com
From: "Bill Burke" <bburke(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org, "keycloack-users" <keycloak-user(a)lists.jboss.org>
Sent: Wednesday, September 10, 2014 4:19:25 PM
Subject: [keycloak-user] Keycloak 1.0 Final Released
Here's the details:
http://blog.keycloak.org/2014/09/10/keycloak-1-0-final-released/
Thank you Stian and Marek. You guys have been amazing to work with.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
9 years, 7 months
Logout exception
by Marko Radinovic
Hi,
I have Vaadin application running on Wildfly and I'am having problems
with logout.
I have installed keycloak on OpenShift and configure test domain for
application testing.
When i try to logout I get:
2014-09-10 17:31:45,206 ERROR [io.undertow.request] (default task-39)
UT005023: Exception handling request to /k_logout:
java.lang.RuntimeException: java.io.IOException: UT010029: Stream is closed
at
org.keycloak.adapters.PreAuthActionsHandler.handleLogout(PreAuthActionsHandler.java:138)
[keycloak-adapter-core-1.0-rc-2.jar:]
at
org.keycloak.adapters.PreAuthActionsHandler.handleRequest(PreAuthActionsHandler.java:57)
[keycloak-adapter-core-1.0-rc-2.jar:]
at
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:68)
[keycloak-undertow-adapter-1.0-rc-2.jar:]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.server.Connectors.executeRootHandler(Connectors.java:177)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
[rt.jar:1.7.0_67]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
[rt.jar:1.7.0_67]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_67]
Caused by: java.io.IOException: UT010029: Stream is closed
at
io.undertow.servlet.spec.ServletInputStreamImpl.read(ServletInputStreamImpl.java:115)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283)
[rt.jar:1.7.0_67]
at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325)
[rt.jar:1.7.0_67]
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177)
[rt.jar:1.7.0_67]
at java.io.InputStreamReader.read(InputStreamReader.java:184)
[rt.jar:1.7.0_67]
at java.io.BufferedReader.fill(BufferedReader.java:154)
[rt.jar:1.7.0_67]
at java.io.BufferedReader.read1(BufferedReader.java:205)
[rt.jar:1.7.0_67]
at java.io.BufferedReader.read(BufferedReader.java:279)
[rt.jar:1.7.0_67]
at org.keycloak.util.StreamUtil.readString(StreamUtil.java:25)
[keycloak-core-1.0-rc-2.jar:]
at
org.keycloak.adapters.PreAuthActionsHandler.verifyAdminRequest(PreAuthActionsHandler.java:165)
[keycloak-adapter-core-1.0-rc-2.jar:]
at
org.keycloak.adapters.PreAuthActionsHandler.handleLogout(PreAuthActionsHandler.java:118)
[keycloak-adapter-core-1.0-rc-2.jar:]
... 12 more
I tried both JaasAccessControl.logout() and httpServletRequest.logout().
Thanks
Marko
9 years, 7 months
user_attributes table
by Evan Thompson
Howdy all,
I've been looking into ways of storing user metdata within the my keycloak
database and noticed the user_attributes table. Now I am wondering is there
any way for me to write to that table via the keycloak console.
Thank for your time,
Evan Thompson
9 years, 7 months
LiveOak integration with Keycloak
by Dean Peterson
I am wondering about the KeycloakApplication class the LiveOak project
seems to be using to extend Keycloak for their framework. I really like
what LiveOak is doing but I am not able to understand why they would couple
everything to a custom version of Keycloak. I want to have a separate
Keycloak server that handles security for whatever applications I have. It
seems their decision to include Keycloak in the deployment of LiveOak
prevents me from deploying multiple LiveOak domain models on separate
servers. Every LiveOak will have its own instance of Keycloak. I am
asking here because it seems Stian has had a hand in the creation of
LiveOak and I was hoping he might see this and shed some light on the
subject. There is little documentation on the KeycloakApplication class.
Is that used to easily extend Keycloak and embed it into other frameworks?
Doesn't that defeat the purpose of Security As A Service? Any ideas how
I might decouple Keycloak from LiveOak?
9 years, 7 months
REST -> Backend App
by Red Samh
Hello,
We have an application that is protected using Keycloak and a user can
access this application through a web front. After login the user can use
the functionality of the application. The application is also exposed
through REST API's and is protected via keycloak as part of the application
and accessible only after login into the main application.
We have a
(Step 1) Javascript application (retrieving data from) ->
(Step 2) Business Application exposed as REST API (REST API has to make
calls to backend Application mentioned above) ->
(Step 3) BackEnd Application Server + REST API.
Directly accessing the BackEnd Application Server works fine but when we
need to call the REST API from another REST service which is authenticated
via Keycloak we have issues.
We used the existing sample to try and do a POC but not sure what is the
best approach to solve this issue. The part from (Step 1) to (Step 2) works
and the REST API is protected using BEARER token. The (Step 2) to (Step 3)
is a problem as in (Step 2) we only have the BEARER token and the BackEnd
Application is protected using the full keycloak configuration. So The
BackEnd Application service is not authenticating by sending in only the
BEARER token in the header which is a full keycloak installation (work as
only a web service).
Thanks
Sam
9 years, 7 months
SessionContext
by Alarik Myrin
Is it possible (or can it be possible in the future) to get
the KeycloakSecurityContext out of javax.ejb.SessionContext? I am using
Wildfly with the Wildfly adapter, and the only way I could figure out how
to get it (based on the example code) is from the HttpServletRequest. It
would be cool if it made its way into the SessionContext somehow...
Alarik
9 years, 7 months
user-resource-role-mappings typo error in doco
by Travis De Silva
Hi,
As per the documentation here,
http://docs.jboss.org/keycloak/docs/1.0-rc-2/userguide/html/ch07.html
we can set "user-resource-role-mappings" : true, in the keycloak.json file,
which will then make the adapter look inside the token for application
level role mappings for the user.
But when I add this, I get the following err.r
Caused by: java.lang.RuntimeException:
org.codehaus.jackson.map.exc.UnrecognizedPropertyException: Unrecognized
field "user-resource-role-mappings" (Class
org.keycloak.representations.adapters.config.AdapterConfig), not marked as
ignorable
I was able to track this down to the code in AdapterConfig in the
org.keycloak.representations.adapters.config package. In there, it is
defined as "use-resource-role-mappings"
When I changed it to this it worked.
I believe the doco has a typo that needs to be fixed.
Cheers
Travis
9 years, 7 months