February 2016 - keycloak-user - Jboss List Archives

External Username, Password, Email... dataset with Keycloak

by Reed Lewis

Hi, We are examining KeyCloak (It looks like it can do what we want), but we have the need to have an external lookup of accounts who are not in KeyCloak in an external database which is accessible via a REST call. I know about federation, but would prefer to only check the external datasource if the user is not in KeyCloak, but from then on have all the data “live” in KeyCloak and never refer to the external datasource again once the account is “migrated” into KeyCloak. Can this be done with some modification of federation? We do not want to add the user accounts directly into KeyCloak as there are many more there than will ever be in KeyCloak. Thank you, Reed Lewis

7 years, 10 months

4
16
0 / 0

SSO amongst two realms

by Sarp Kaya

Hi, I want to know whether it is possible to have SSO amongst two realms. Ie User 1 logins to an app1 that auths against realm1, then user 1 tries to use app2 which auths against realm2 which should work fine as user 1 logged into realm1 before and it should SSO into app2 fine. If this is possible then what would be the setup like? Kind Regards, Sarp

8 years, 8 months

5
6
0 / 0

'500 Internal Server Error' thrown when 'Update User' API is invoked w/o 'username' in the payload

by Lohitha Chiranjeewa

Hi, Refer title for the bug. This seems to have been introduced after 1.2.0.Final because in that version we didn't have this problem. Failure happens in 1.7.0.Final. Checked the logs and there's a NullPointerException thrown. Shall I create a JIRA? Regards, Lohitha.

8 years, 9 months

2
6
0 / 0

Assign Role Fails Just After Creating the Role

by Malmi Samarasinghe

Hi Everyone, In my application we create retrieve and assign role subsequently and it seems that even for a small load (2-3 threads) with realm cache enabled option, assign realm role call fails due to role not exist error and 404 is returned from keycloak. With the realm cache disabled option the load works fine. Please get back to me if you have any information on any other option we can follow to get this issue sorted or on what action the realm cache will be persisted to DB. Regards, Malmi

8 years, 9 months

3
18
0 / 0

Update account - login action tokens - how to make them persistent

by Edgar Vonk - Info.nl

Hi, See if I understand this correctly: in the default set up of Keycloak sessions and temporary tokens are not persisted in the Keycloak database? So consider this scenario: 1/ login as admin to master realm 2/ go to Users - Credentials and send a ‘Update Password’ reset action email 3/ user receives an email with a link with a unique token to update his/her password in Keycloak 4/ Keycloak server is restarted for whatever reason 5/ the temporary ‘login action token’ no longer exists and the link from 3/ no longer works Is this correct and expected behaviour? And if so, can somebody maybe point us in the direction to solve this? I.e. by making sessions/tokens by persistent I guess. cheers Edgar

8 years, 9 months

2
6
0 / 0

Upgrade error - 1.8.0 to 1.8.1

by Darcy Welsh

Hi, I successfully upgraded from 1.7.0 to 1.8.0, however, seeing the following error when attempting to upgrade from 1.8.0 to either 1.8.1 or 1.9.0: 22:45:48,803 ERROR [org.keycloak.services.resources.KeycloakApplication] (ServerService Thread Pool -- 51) Failed to migrate datamodel: java.lang.RuntimeException: Failed to update database at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.update(LiquibaseJpaUpdaterProvider.java:87) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:153) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:42) at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:30) at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:103) at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:34) at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:16) at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:103) at org.keycloak.models.cache.infinispan.DefaultCacheRealmProvider.getDelegate(DefaultCacheRealmProvider.java:61) at org.keycloak.models.cache.infinispan.DefaultCacheRealmProvider.getMigrationModel(DefaultCacheRealmProvider.java:43) at org.keycloak.migration.MigrationModelManager.migrate(MigrationModelManager.java:21) at org.keycloak.services.resources.KeycloakApplication.migrateModel(KeycloakApplication.java:139) at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:82) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:408) at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150) at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209) at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299) at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117) at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103) at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231) at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132) at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) Caused by: liquibase.exception.DatabaseException: Incorrect database name '' [Failed SQL: CREATE TABLE ``.DATABASECHANGELOG (ID VARCHAR(255) NOT NULL, AUTHOR VARCHAR(255) NOT NULL, FILENAME VARCHAR(255) NOT NULL, DATEEXECUTED datetime NOT NULL, ORDEREXECUTED INT NOT NULL, EXECTYPE VARCHAR(10) NOT NULL, MD5SUM VARCHAR(35) NULL, DESCRIPTION VARCHAR(255) NULL, COMMENTS VARCHAR(255) NULL, TAG VARCHAR(255) NULL, LIQUIBASE VARCHAR(20) NULL, CONTEXTS VARCHAR(255) NULL, LABELS VARCHAR(255) NULL)] at liquibase.executor.jvm.JdbcExecutor$ExecuteStatementCallback.doInStatement(JdbcExecutor.java:316) at liquibase.executor.jvm.JdbcExecutor.execute(JdbcExecutor.java:55) at liquibase.executor.jvm.JdbcExecutor.execute(JdbcExecutor.java:122) at liquibase.executor.jvm.JdbcExecutor.execute(JdbcExecutor.java:112) at liquibase.changelog.StandardChangeLogHistoryService.init(StandardChangeLogHistoryService.java:214) at liquibase.Liquibase.checkLiquibaseTables(Liquibase.java:1074) at liquibase.Liquibase.listUnrunChangeSets(Liquibase.java:1136) at liquibase.Liquibase.listUnrunChangeSets(Liquibase.java:1126) at liquibase.Liquibase.listUnrunChangeSets(Liquibase.java:1122) at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.update(LiquibaseJpaUpdaterProvider.java:63) ... 36 more Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Incorrect database name '' at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:408) at com.mysql.jdbc.Util.handleNewInstance(Util.java:377) at com.mysql.jdbc.Util.getInstance(Util.java:360) at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:978) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3887) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3823) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2435) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2582) at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2526) at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2484) at com.mysql.jdbc.StatementImpl.execute(StatementImpl.java:848) at com.mysql.jdbc.StatementImpl.execute(StatementImpl.java:742) at org.jboss.jca.adapters.jdbc.WrappedStatement.execute(WrappedStatement.java:198) at liquibase.executor.jvm.JdbcExecutor$ExecuteStatementCallback.doInStatement(JdbcExecutor.java:314) ... 45 more Any ideas as to the potential cause/resolution? The MySQL datasource is configured as follows: <datasource jta="true" jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true"> <connection-url>jdbc:mysql://localhost:3306/keycloak</connection-url> <connection-property name="defaultFetchSize"> 1000 </connection-property> <driver>mysql</driver> <pool> <max-pool-size>20</max-pool-size> </pool> <security> <user-name>keycloak</user-name> <password>keycloakrocks!</password> </security> <timeout> <set-tx-query-timeout>true</set-tx-query-timeout> </timeout> <statement> <prepared-statement-cache-size>100</prepared-statement-cache-size> <share-prepared-statements>true</share-prepared-statements> </statement> </datasource> <drivers> <driver name="mysql" module="com.mysql.jdbc"> <xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</xa-datasource-class> <datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlDataSource</datasource-class> </driver> . . . </drivers> Any help would be much appreciated. Thank-you in advance, Darcy Welsh

8 years, 9 months

3
7
0 / 0

XACML support ?

by Charles Moulliard

Hi, The project picketlink provides a servlet able to that can read SOAP messages that contain an XACML query in saml payload https://github.com/picketlink/picketlink/blob/master/modules/federation/s... https://developer.jboss.org/wiki/XACMLPDPSOAPService As the project picketlink is going to be merged with Keycloak, I'm wondering if XACML will be supported with Keycloak or not ? Regards, Charles

8 years, 9 months

3
4
0 / 0

Client Mappers. Can I define mappers programmatically?

by Reed Lewis

I have the need to define mappers programmatically instead of using fixed entries from user attributes. For example, I might want the following entries in my JWT: xxx: {d1:{[V1:123, V2:345, V3:567]},d2:{[V1:321, V2:xyz, V3:876]}} So I might have the following values in my attributes for the user: Xxx.d1.v1 123 Xxx.d1.v2 345 Xxx.d1.v3 567 Xxx.d2.v1 321 Xxx.d2.v2 xyz Xxx.d2.v3 876 But I might also have xxx.d3, xxx.d4, …. Is there a way to have Keycloak generate a JWT with all of the entries? Can I write a plug in that does this? Thank you, Reed Lewis

8 years, 9 months

4
4
0 / 0

REST(MicroServices) authentication through SAML 2.0

by Siva

Hi Experts, I've got scenario, seeking your valuable inputs to take this in right direction. My application is complete server side solution which has 6 different modules and it expose only the REST(Microservices) end points(5 modules are hosted in tomcat 8 container and 1 is hosted in Apache Karaf [OSGI bundle] ) to the external world ; which will be accessed by different enterprise and they need to integrate their SAML 2.0 IDP for authentication. These Microservices end points could be integrated with their existing portals or could be integrated with their existing mobile app applications, in some scenario's it could be an exclusive client application built to consume our REST end points which could potentially be a browser based and Mobile app. The challenge here is, for now we could use only SAML 2.0 based authentication since not all the organizations support OIDC/OAuth2.0 and as well our application could be flexible enough to be integrated with the existing client portals which uses SAML 2.0 authentication. We are planning to use keycloak as IDP broker to secure our endpoints. Questions : 1) Can this be achieved in keycloak? If yes, could you please provide some inputs on architectural directions in keycloak; like should all the modules need to be configured under 1 relam and need to have a separate brokering relam? 2) Does keycloak support Apache karaf container? I couldn't find any adapter for this under SAML adapter category. 3) For REST style endpoints, how should the user credential/Token details need to shared? Any example links? kerberos is not a complete solution here, since it need to work on all the devices(Desktop,Laptop & handheld). 4) For the REST based solution, can the application completely rely on keycloak for the session management, after the first time the user is authenticated? Any inputs on this will be highly valued. Regards, Siva.

8 years, 9 months

3
5
0 / 0

LDAP Query Failed - AD connection reset

by Adrian Matei

Hi everyone, >From time to time we are experiencing the following error : "LDAP Query Failed" (connection resets) for example by user registration, but by the second try it usually works.... Connection to AD takes place via ldaps and keycloak (1.7.0.Final) running on a JBoss EAP 6.4 with Java 8 installed. The complete stacktrace from server.log: 08:47:05,029 ERROR [org.keycloak.services.resources.ModelExceptionMapper] (http-/159.232.186.74:8443-7) LDAP Query failed: org.keycloak.models.ModelException: LDAP Query failed at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getResultList(LDAPQuery.java:153) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getFirstResult(LDAPQuery.java:160) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.LDAPFederationProvider.loadLDAPUserByUsername(LDAPFederationProvider.java:440) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.LDAPFederationProvider.loadAndValidateUser(LDAPFederationProvider.java:230) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.LDAPFederationProvider.validateAndProxy(LDAPFederationProvider.java:89) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.models.UserFederationManager.validateAndProxyUser(UserFederationManager.java:130) [keycloak-model-api-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.models.UserFederationManager.getUserById(UserFederationManager.java:163) [keycloak-model-api-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.models.sessions.infinispan.compat.UserSessionAdapter.getUser(UserSessionAdapter.java:62) [keycloak-model-sessions-infinispan-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.services.resources.LoginActionsService.initEvent(LoginActionsService.java:732) [keycloak-services-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.services.resources.LoginActionsService.processRequireAction(LoginActionsService.java:798) [keycloak-services-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.services.resources.LoginActionsService.requiredActionPOST(LoginActionsService.java:750) [keycloak-services-1.7.0.Final.jar:1.7.0.Final] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_66] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_66] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_66] at java.lang.reflect.Method.invoke(Method.java:497) [rt.jar:1.8.0_66] at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:168) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:269) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:227) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.core.ResourceLocator.invokeOnTargetObject(ResourceLocator.java:158) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.core.ResourceLocator.invoke(ResourceLocator.java:91) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:561) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:543) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:128) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:208) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:50) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:] at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:61) [keycloak-services-1.7.0.Final.jar:1.7.0.Final] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.5.Final-redhat-3.jar:7.5.5.Final-redhat-3] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1] at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_66] Caused by: org.keycloak.models.ModelException: Querying of LDAP failed org.keycloak.federation.ldap.idm.query.internal.LDAPQuery@7434dc3b at org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore.fetchQueryResults(LDAPIdentityStore.java:158) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getResultList(LDAPQuery.java:149) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] ... 42 more Caused by: javax.naming.CommunicationException: simple bind failed: ldaps.AD_hostname:636 [Root exception is java.net.SocketException: Connection reset] at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2788) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) [rt.jar:1.8.0_66] at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:122) at org.jboss.as.naming.InitialContext.init(InitialContext.java:107) at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) [rt.jar:1.8.0_66] at org.jboss.as.naming.InitialContext.<init>(InitialContext.java:98) at org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:44) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) [rt.jar:1.8.0_66] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) [rt.jar:1.8.0_66] at javax.naming.InitialContext.init(InitialContext.java:244) [rt.jar:1.8.0_66] at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) [rt.jar:1.8.0_66] at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.createLdapContext(LDAPOperationManager.java:453) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.execute(LDAPOperationManager.java:518) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.search(LDAPOperationManager.java:148) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] at org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore.fetchQueryResults(LDAPIdentityStore.java:149) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final] ... 43 more Caused by: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:209) [rt.jar:1.8.0_66] at java.net.SocketInputStream.read(SocketInputStream.java:141) [rt.jar:1.8.0_66] at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) [jsse.jar:1.8.0_66] at sun.security.ssl.InputRecord.read(InputRecord.java:503) [jsse.jar:1.8.0_66] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) [jsse.jar:1.8.0_66] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) [jsse.jar:1.8.0_66] at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) [jsse.jar:1.8.0_66] at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) [jsse.jar:1.8.0_66] at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) [rt.jar:1.8.0_66] at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:399) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359) [rt.jar:1.8.0_66] at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214) [rt.jar:1.8.0_66] ... 62 more Anybody else experienced and fixed this? Thanks, Adrian

8 years, 9 months

2
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user February 2016