October 2016 - keycloak-user - Jboss List Archives

by java＠neposoft.com

Hi I'm implementing a solution as shown saml-broker-authentication, trying to protect a war (spring-rest). All configured fine, Keycloak-saml-idp returns fine, am getting a OIDC tocken back from Keycloak , but when it returns back to the URL I was initially hit, I get forbidden. Anyone gone through this pain - any tips? Thank you. John

7 years, 6 months

2
4
0 / 0

Possible LDAP injection issue found - '(' character in user name is not escaped before LDAP query (as found by OWASP ZAP security tool)

by Edgar Vonk - Info.nl

Hi, We are using the OWASP ZAP tool (https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) to run basic security testing against our web portal of which Keycloak is a key part. When ZAP runs the Keycloak log fills up quickly with all kinds of stack traces. One of them is the one below. In this case the ZAP tool attempts to login on the Keycloak login page securing our custom realm with the following username: ZAP') UNION ALL select NULL -- It seems from the stacktrace below that Keycloak uses this ‘username’ as is without any escaping when querying LDAP(/AD) This results in an incorrect LDAP query because the parenthesis are now ‘unbalanced’. I think all special characters in a username should be escaped before the LDAP query is done? It seems that this is a case of LDAP Injection (https://www.owasp.org/index.php/LDAP_injection) [0m[31m14:06:37,437 ERROR [org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager] (default task-21) Could not query server using DN [ou=Users,ou=Customers,dc=graydon-test,dc=hf,dc=info,dc=nl] and filter [(&(userPrincipalname=ZAP') UNION ALL select NULL -- )(objectclass=person)(objectclass=organizationalPerson)(objectclass=user)(objectclass=graydonCustomerPerson))]: javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis; remaining name 'ou=Users,ou=Customers,dc=graydon-test,dc=hf,dc=info,dc=nl' at com.sun.jndi.ldap.Filter.findRightParen(Filter.java:694) at com.sun.jndi.ldap.Filter.encodeFilterList(Filter.java:733) at com.sun.jndi.ldap.Filter.encodeComplexFilter(Filter.java:657) at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:104) at com.sun.jndi.ldap.Filter.encodeFilterString(Filter.java:74) at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:546) at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:341) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267) at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$2.execute(LDAPOperationManager.java:169) at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$2.execute(LDAPOperationManager.java:166) at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.execute(LDAPOperationManager.java:536) at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.search(LDAPOperationManager.java:166) at org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore.fetchQueryResults(LDAPIdentityStore.java:160) at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getResultList(LDAPQuery.java:165) at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getFirstResult(LDAPQuery.java:176) at org.keycloak.federation.ldap.LDAPFederationProvider.loadLDAPUserByUsername(LDAPFederationProvider.java:510) at org.keycloak.federation.ldap.LDAPFederationProvider.getUserByUsername(LDAPFederationProvider.java:305) at org.keycloak.models.UserFederationManager.getUserByUsername(UserFederationManager.java:237) at org.keycloak.models.utils.KeycloakModelUtils.findUserByNameOrEmail(KeycloakModelUtils.java:273) at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.validateUserAndPassword(AbstractUsernameFormAuthenticator.java:127) at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.validateForm(UsernamePasswordForm.java:56) at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.action(UsernamePasswordForm.java:49) at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:84) at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:75) at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:759) at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:356) at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:338) at org.keycloak.services.resources.LoginActionsService.authenticateForm(LoginActionsService.java:383) at sun.reflect.GeneratedMethodAccessor480.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) [0m[33m14:06:37,439 WARN [org.keycloak.events] (default task-21) type=LOGIN_ERROR, realmId=graydon-customers, clientId=account, userId=null, ipAddress=172.23.6.21, error=invalid_user_credentials, auth_method=openid-connect, auth_type=code, redirect_uri=https://gry-test.hf.info.nl/auth/realms/graydon-customers/account/login-redirect, code_id=7ee2f340-5bf8-42a2-b1ef-32890a78c305, username='ZAP') UNION ALL select NULL -- '

7 years, 6 months

1
0
0 / 0

Deploy theme

by Zeus Arias Lucero | BEEVA

Hi! I'm developing a theme and when copied to the folder /op/keycloak/theme occurs this: 2016-10-03 13:00:39,237 ERROR [io.undertow.request] (default task-5) UT005023: Exception handling request to /auth/admin/serverinfo: org.jboss.resteasy.spi.UnhandledException: java.lang.NullPointerException at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76) at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212) at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:168) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:411) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.NullPointerException at org.keycloak.theme.ExtendingThemeManager$ExtendingTheme.getProperties(ExtendingThemeManager.java:284) at org.keycloak.services.resources.admin.info.ServerInfoAdminResource.setThemes(ServerInfoAdminResource.java:170) at org.keycloak.services.resources.admin.info.ServerInfoAdminResource.getInfo(ServerInfoAdminResource.java:90) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395) ... 37 more This happens occasionally Any ideas?

7 years, 6 months

2
3
0 / 0

Re: [keycloak-user] Remember me doesn't work after keycloak restart

by Edgar Vonk - Info.nl

Hi Stian, How does this relate to a previous remark you made regarding persisting user sessions: http://lists.jboss.org/pipermail/keycloak-user/2015-April/001921.html Also I do see Java code in Keycloak related to persisting user sessions and there is the USER_SESSIONS database table? With the correct settings in keycloak-server.json with caching disabled should Keycloak persist user sessions? cheers Edgar User sessions are not persisted which is why users have to re-authenticate after server is restarted. To make sessions work cross server restarts you need a cluster with multiple server nodes and increase owners for the user session cache. On 28 September 2016 at 09:44, Mariusz Chruscielewski - Info.nl<http://info.nl> < mariusz at info.nl<https://lists.jboss.org/mailman/listinfo/keycloak-user>> wrote: > Hi. Is it possible to persist sessions after keycloak restart? We are > using remember me functionality, and after keycloak server is restarted, > all users have to login again (I’m not sure if this is about session, or > maybe some other remember-me-session). Is there any way to configure that? > Thanks in advance. > > > > Kind Regards, > > > > Mariusz Chruscielewski

7 years, 6 months

2
3
0 / 0

With Keycloak 2.2.1 the DB migration fails

by Padmaka Wijaygoonawardena

Hi, With Keycloak 2.2.1 release the DB migration from a fresh DB fails this also occurred in 2.1.0 as well. I use a MySQL DB as the database. attached herewith is the stack trace. [2016-09-28 10:35:18.0609], WARN , org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool ServerService Thread Pool -- 62 - IJ000615: Destroying active connection in pool: mysql_keycloak (org.jboss.jca.adapters.jdbc.local.LocalManagedConnection@2899b74f) [2016-09-28 10:35:18.0618], WARN , org.jboss.jca.adapters.jdbc.BaseWrapperManagedConnection ServerService Thread Pool -- 62 - IJ030022: Lock owned during cleanup: ServerService Thread Pool -- 56: java.lang.Throwable: Lock owned during cleanup: ServerService Thread Pool -- 56 at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:170) at java.net.SocketInputStream.read(SocketInputStream.java:141) at com.mysql.jdbc.util.ReadAheadInputStream.fill(ReadAheadInputStream.java:100) at com.mysql.jdbc.util.ReadAheadInputStream.readFromUnderlyingStreamIfNecessary(ReadAheadInputStream.java:143) at com.mysql.jdbc.util.ReadAheadInputStream.read(ReadAheadInputStream.java:173) at com.mysql.jdbc.MysqlIO.readFully(MysqlIO.java:2911) at com.mysql.jdbc.MysqlIO.reuseAndReadPacket(MysqlIO.java:3337) at com.mysql.jdbc.MysqlIO.reuseAndReadPacket(MysqlIO.java:3327) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3814) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2435) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2582) at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2526) at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2484) at com.mysql.jdbc.StatementImpl.execute(StatementImpl.java:848) at com.mysql.jdbc.StatementImpl.execute(StatementImpl.java:742) at org.jboss.jca.adapters.jdbc.WrappedStatement.execute(WrappedStatement.java:198) at liquibase.executor.jvm.JdbcExecutor$ExecuteStatementCallback.doInStatement(JdbcExecutor.java:314) at liquibase.executor.jvm.JdbcExecutor.execute(JdbcExecutor.java:55) at liquibase.executor.jvm.JdbcExecutor.execute(JdbcExecutor.java:122) at liquibase.database.AbstractJdbcDatabase.execute(AbstractJdbcDatabase.java:1247) at liquibase.database.AbstractJdbcDatabase.executeStatements(AbstractJdbcDatabase.java:1230) at liquibase.changelog.ChangeSet.execute(ChangeSet.java:548) at liquibase.changelog.visitor.UpdateVisitor.visit(UpdateVisitor.java:51) at liquibase.changelog.ChangeLogIterator.run(ChangeLogIterator.java:73) at liquibase.Liquibase.update(Liquibase.java:210) at liquibase.Liquibase.update(Liquibase.java:190) at liquibase.Liquibase.update(Liquibase.java:186) at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.updateChangeSet(LiquibaseJpaUpdaterProvider.java:114) at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.update(LiquibaseJpaUpdaterProvider.java:76) at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.update(LiquibaseJpaUpdaterProvider.java:59) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.update(DefaultJpaConnectionProviderFactory.java:329) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.migration(DefaultJpaConnectionProviderFactory.java:299) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lambda$lazyInit$0(DefaultJpaConnectionProviderFactory.java:186) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory$$Lambda$105/1378148237.run(Unknown Source) at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:677) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:137) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:85) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:63) at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:158) at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:51) at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:33) at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:158) at org.keycloak.models.cache.infinispan.RealmCacheSession.getDelegate(RealmCacheSession.java:161) at org.keycloak.models.cache.infinispan.RealmCacheSession.getMigrationModel(RealmCacheSession.java:154) at org.keycloak.migration.MigrationModelManager.migrate(MigrationModelManager.java:60) at org.keycloak.services.resources.KeycloakApplication.migrateModel(KeycloakApplication.java:221) at org.keycloak.services.resources.KeycloakApplication.migrateAndBootstrap(KeycloakApplication.java:162) at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:121) at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:295) at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:112) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150) at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209) at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299) at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117) at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103) at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231) at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132) at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) [2016-09-28 10:35:18.0634], INFO , org.jboss.as.connector.services.driver.DriverService MSC service thread 1-6 - WFLYJCA0019: Stopped Driver service with driver-name = mysql-connector-java-5.1.33-bin.jar_com.mysql.jdbc.Driver_5_1 [2016-09-28 10:35:19.0107], INFO , org.hibernate.validator.internal.util.Version MSC service thread 1-5 - HV000001: Hibernate Validator 5.2.3.Final [2016-09-28 10:35:19.0592], DEBUG, org.keycloak.connections.jpa.updater.liquibase.conn.DefaultLiquibaseConnectionProvider$LogWrapper$1 ServerService Thread Pool -- 56 - Foreign key constraint added to RESOURCE_POLICY (RESOURCE_ID) [2016-09-28 10:35:19.0593], DEBUG, org.keycloak.transaction.JtaTransactionWrapper ServerService Thread Pool -- 56 - JtaTransactionWrapper rollback [2016-09-28 10:35:19.0593], DEBUG, org.keycloak.transaction.JtaTransactionWrapper ServerService Thread Pool -- 56 - JtaTransactionWrapper end [2016-09-28 10:35:19.0594], DEBUG, org.keycloak.transaction.JtaTransactionWrapper ServerService Thread Pool -- 56 - JtaTransactionWrapper resuming suspended [2016-09-28 10:35:19.0595], DEBUG, org.keycloak.connections.jpa.updater.liquibase.lock.CustomLockService ServerService Thread Pool -- 56 - Going to release database lock [2016-09-28 10:35:19.0595], ERROR, org.keycloak.connections.jpa.updater.liquibase.lock.CustomLockService ServerService Thread Pool -- 56 - Database error during release lock: liquibase.exception.DatabaseException: liquibase.exception.DatabaseException: java.sql.SQLException: IJ031040: Connection is not associated with a managed connection: org.jboss.jca.adapters.jdbc.jdk7.WrappedConnectionJDK7@88d58a5 at liquibase.database.AbstractJdbcDatabase.commit(AbstractJdbcDatabase.java:1130) at org.keycloak.connections.jpa.updater.liquibase.lock.CustomLockService.releaseLock(CustomLockService.java:184) at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda$releaseLock$1(LiquibaseDBLockProvider.java:126) at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:677) at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.releaseLock(LiquibaseDBLockProvider.java:123) at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:123) at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:295) at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:112) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150) at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209) at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299) at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117) at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103) at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231) at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132) at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) Caused by: liquibase.exception.DatabaseException: java.sql.SQLException: IJ031040: Connection is not associated with a managed connection: org.jboss.jca.adapters.jdbc.jdk7.WrappedConnectionJDK7@88d58a5 at liquibase.database.jvm.JdbcConnection.commit(JdbcConnection.java:126) at liquibase.database.AbstractJdbcDatabase.commit(AbstractJdbcDatabase.java:1128) ... 31 more Caused by: java.sql.SQLException: IJ031040: Connection is not associated with a managed connection: org.jboss.jca.adapters.jdbc.jdk7.WrappedConnectionJDK7@88d58a5 at org.jboss.jca.adapters.jdbc.WrappedConnection.lock(WrappedConnection.java:164) at org.jboss.jca.adapters.jdbc.WrappedConnection.getAutoCommit(WrappedConnection.java:802) at liquibase.database.jvm.JdbcConnection.commit(JdbcConnection.java:122) ... 32 more [2016-09-28 10:35:19.0596], DEBUG, org.keycloak.transaction.JtaTransactionWrapper ServerService Thread Pool -- 56 - JtaTransactionWrapper rollback [2016-09-28 10:35:19.0596], DEBUG, org.keycloak.transaction.JtaTransactionWrapper ServerService Thread Pool -- 56 - JtaTransactionWrapper end [2016-09-28 10:35:19.0598], INFO , org.jboss.as.server.BootstrapImpl$ShutdownHook Thread-2 - WFLYSRV0220: Server shutdown has been requested. [2016-09-28 10:35:19.0601], DEBUG, org.jboss.as.security.service.SecurityDomainService MSC service thread 1-8 - Stopping security domain service jboss-ejb-policy [2016-09-28 10:35:19.0601], DEBUG, org.jboss.as.mail.extension.MailSessionAdd$1 MSC service thread 1-2 - WFLYMAIL0003: Removed mail session [java:jboss/mail/Default] [2016-09-28 10:35:19.0602], DEBUG, org.infinispan.manager.DefaultCacheManager MSC service thread 1-7 - Stopping cache manager server on padmaka [2016-09-28 10:35:19.0602], DEBUG, org.wildfly.extension.undertow.ConsoleRedirectService MSC service thread 1-2 - Stopping console redirect for default-host [2016-09-28 10:35:19.0606], DEBUG, org.jboss.as.connector.subsystems.datasources.CommonDeploymentService MSC service thread 1-3 - Stopped CommonDeployment %s [2016-09-28 10:35:19.0606], INFO , org.jboss.as.connector.subsystems.datasources.AbstractDataSourceAdd$2 MSC service thread 1-6 - WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS] [2016-09-28 10:35:19.0607], DEBUG, org.jboss.as.connector.subsystems.datasources.CommonDeploymentService MSC service thread 1-6 - Stopped CommonDeployment %s [2016-09-28 10:35:19.0612], DEBUG, org.jboss.as.security.service.SecurityDomainService MSC service thread 1-3 - Stopping security domain service jboss-web-policy [2016-09-28 10:35:19.0624], DEBUG, org.jboss.as.security.service.SecurityDomainService MSC service thread 1-4 - Stopping security domain service jaspitest [2016-09-28 10:35:19.0628], DEBUG, org.jboss.as.connector.services.resourceadapters.deployment.registry.ResourceAdapterDeploymentRegistryService MSC service thread 1-1 - Stopping service service jboss.raregistry [2016-09-28 10:35:19.0628], DEBUG, org.infinispan.manager.DefaultCacheManager MSC service thread 1-8 - Stopping cache manager web on padmaka [2016-09-28 10:35:19.0630], DEBUG, org.infinispan.manager.DefaultCacheManager MSC service thread 1-6 - Stopping cache manager ejb on padmaka [2016-09-28 10:35:19.0630], INFO , org.infinispan.remoting.transport.jgroups.JGroupsTransport MSC service thread 1-7 - ISPN000080: Disconnecting JGroups channel server [2016-09-28 10:35:19.0631], DEBUG, org.jboss.as.ejb3.remote.EJBTransactionRecoveryService$1 ServerService Thread Pool -- 62 - Un-registered org.jboss.as.ejb3.remote.EJBTransactionRecoveryService$1@5bc6f06a from the transaction recovery manager [2016-09-28 10:35:19.0632], INFO , org.infinispan.remoting.transport.jgroups.JGroupsTransport MSC service thread 1-7 - ISPN000082: Stopping the RpcDispatcher for channel server [2016-09-28 10:35:19.0638], INFO , org.infinispan.remoting.transport.jgroups.JGroupsTransport MSC service thread 1-8 - ISPN000080: Disconnecting JGroups channel web [2016-09-28 10:35:19.0638], INFO , org.infinispan.remoting.transport.jgroups.JGroupsTransport MSC service thread 1-8 - ISPN000082: Stopping the RpcDispatcher for channel web [2016-09-28 10:35:19.0636], INFO , org.infinispan.remoting.transport.jgroups.JGroupsTransport MSC service thread 1-6 - ISPN000080: Disconnecting JGroups channel ejb [2016-09-28 10:35:19.0640], INFO , org.infinispan.remoting.transport.jgroups.JGroupsTransport MSC service thread 1-6 - ISPN000082: Stopping the RpcDispatcher for channel ejb [2016-09-28 10:35:19.0637], DEBUG, org.infinispan.manager.DefaultCacheManager MSC service thread 1-1 - Stopping cache manager hibernate on padmaka [2016-09-28 10:35:19.0642], DEBUG, org.jboss.tm.usertx.UserTransactionRegistry MSC service thread 1-2 - org.jboss.tm.usertx.UserTransactionRegistry@daa6d39 removeListener org.jboss.as.jpa.container.JPAUserTransactionListener@47424e73 [2016-09-28 10:35:19.0642], DEBUG, org.jboss.as.connector.subsystems.datasources.AbstractDataSourceAdd$2 MSC service thread 1-3 - Removed JDBC Data-source [java:jboss/datasources/KeycloakDS] [2016-09-28 10:35:19.0641], DEBUG, org.jboss.as.clustering.infinispan.subsystem.CacheContainerBuilder MSC service thread 1-7 - server cache container stopped [2016-09-28 10:35:19.0641], DEBUG, org.jboss.as.clustering.infinispan.subsystem.CacheContainerBuilder MSC service thread 1-6 - ejb cache container stopped [2016-09-28 10:35:19.0640], INFO , org.wildfly.extension.undertow.HttpsListenerService MSC service thread 1-4 - WFLYUT0008: Undertow HTTPS listener https suspending [2016-09-28 10:35:19.0639], DEBUG, org.jboss.as.clustering.infinispan.subsystem.CacheContainerBuilder MSC service thread 1-8 - web cache container stopped [2016-09-28 10:35:19.0654], INFO , org.wildfly.extension.undertow.HttpsListenerService MSC service thread 1-4 - WFLYUT0007: Undertow HTTPS listener https stopped, was bound to 10.1.11.48:8101 [2016-09-28 10:35:19.0651], ERROR, org.jboss.msc.service.ServiceControllerImpl$StartContextImpl ServerService Thread Pool -- 56 - MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher) at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162) at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209) at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299) at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117) at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103) at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231) at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132) at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) ... 6 more Caused by: java.lang.RuntimeException: Failed to update database at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.update(LiquibaseJpaUpdaterProvider.java:90) at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.update(LiquibaseJpaUpdaterProvider.java:59) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.update(DefaultJpaConnectionProviderFactory.java:329) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.migration(DefaultJpaConnectionProviderFactory.java:299) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lambda$lazyInit$0(DefaultJpaConnectionProviderFactory.java:186) at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:677) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:137) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:85) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:63) at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:158) at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:51) at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:33) at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:158) at org.keycloak.models.cache.infinispan.RealmCacheSession.getDelegate(RealmCacheSession.java:161) at org.keycloak.models.cache.infinispan.RealmCacheSession.getMigrationModel(RealmCacheSession.java:154) at org.keycloak.migration.MigrationModelManager.migrate(MigrationModelManager.java:60) at org.keycloak.services.resources.KeycloakApplication.migrateModel(KeycloakApplication.java:221) at org.keycloak.services.resources.KeycloakApplication.migrateAndBootstrap(KeycloakApplication.java:162) at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:121) at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:295) at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:112) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150) ... 19 more Caused by: liquibase.exception.MigrationFailedException: Migration failed for change set META-INF/ jpa-changelog-authz-2.0.0.xml::authz-2.0.0::psilva@redhat.com: Reason: liquibase.exception.UnexpectedLiquibaseException: java.sql.SQLException: IJ031040: Connection is not associated with a managed connection: org.jboss.jca.adapters.jdbc.jdk7.WrappedConnectionJDK7@503aa43a at liquibase.changelog.ChangeSet.execute(ChangeSet.java:573) at liquibase.changelog.visitor.UpdateVisitor.visit(UpdateVisitor.java:51) at liquibase.changelog.ChangeLogIterator.run(ChangeLogIterator.java:73) at liquibase.Liquibase.update(Liquibase.java:210) at liquibase.Liquibase.update(Liquibase.java:190) at liquibase.Liquibase.update(Liquibase.java:186) at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.updateChangeSet(LiquibaseJpaUpdaterProvider.java:114) at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.update(LiquibaseJpaUpdaterProvider.java:76) ... 44 more Caused by: liquibase.exception.UnexpectedLiquibaseException: java.sql.SQLException: IJ031040: Connection is not associated with a managed connection: org.jboss.jca.adapters.jdbc.jdk7.WrappedConnectionJDK7@503aa43a at liquibase.database.jvm.JdbcConnection.getURL(JdbcConnection.java:79) at liquibase.executor.jvm.JdbcExecutor.execute(JdbcExecutor.java:62) at liquibase.executor.jvm.JdbcExecutor.execute(JdbcExecutor.java:122) at liquibase.database.AbstractJdbcDatabase.execute(AbstractJdbcDatabase.java:1247) at liquibase.database.AbstractJdbcDatabase.executeStatements(AbstractJdbcDatabase.java:1230) at liquibase.changelog.ChangeSet.execute(ChangeSet.java:548) ... 51 more Caused by: java.sql.SQLException: IJ031040: Connection is not associated with a managed connection: org.jboss.jca.adapters.jdbc.jdk7.WrappedConnectionJDK7@503aa43a at org.jboss.jca.adapters.jdbc.WrappedConnection.lock(WrappedConnection.java:164) at org.jboss.jca.adapters.jdbc.WrappedConnection.getMetaData(WrappedConnection.java:913) at liquibase.database.jvm.JdbcConnection.getURL(JdbcConnection.java:77) ... 56 more is there any solution for this? Thanks in advance. Padmaka

7 years, 6 months

3
3
0 / 0

User Groups in Token

by Travis De Silva

Hi, Does anyone know if the user groups assigned to a user can be retrieved from the token? I haven't found a method that can pull this and I also checked OtherClaims and it was not there. Basically, I want to get a list of groups that the logged in user is assigned to. Cheers Travis

7 years, 6 months

1
1
0 / 0

SAML/spring sec adapter : keycloak SP -> ssocircle IDS

by java＠neposoft.com

Hi, Am trying to do SSO using Keycloak as SO configured with ssocircle Idp. Injected Keycloak client (SAML) SSO descriptor into ssocircle. Using Keycloak spring sec java adapter. Configured kecloak.json. Question: can I use the Keycloak spring sec java adapter to protect the war? Would Keycloak do all the SAML handshake with Idp and return me some key and let the flow go on ? Appreciate if anyone can answer my questions. Anyone has done anything like this? thanks

7 years, 6 months

1
0
0 / 0

migrate-json operation produces WFLYCTL0212: Duplicate resource

by Patrick Boe

Hello, I'm not sure if I'm invoking this incorrectly, but I could use some help diagnosing an error I get when attempting to upgrade my Keycloak installation from 2.0.0 to 2.2.1. When, from the root of my new keycloak installation, I do: > .\bin\jboss-cli.bat [disconnected /] embed-server --server-config=standalone.xml [standalone@embedded /] /subsystem=keycloak-server:migrate-json I get the following error: { "outcome" => "failed", "failure-description" => "WFLYCTL0212: Duplicate resource [ (\"subsystem\" => \"keycloak-server\"), (\"theme\" => \"defaults\") ]", "rolled-back" => true } Does anyone have some advice on how to resolve this, or suggestions as to what I may have misconfigured? Best, Patrick Boe ________________________________ The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful.

7 years, 6 months

2
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user October 2016