August 2017 - keycloak-user - Jboss List Archives

illegal character in path when testing email setup

by Tiemen Ruiten

Hello, I get the following error when hitting the 'Test connection' button on the email tab in Realm settings: 2017-07-10 15:55:27,316 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: *Keycloak 3.2.0.Final (WildFly Core 2.0.10.Final)* started in 21731ms - Started 449 of 824 services (561 services are lazy, passive or on-demand) 2017-07-10 15:56:48,997 WARN [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-11) RESTEASY002130: Failed to parse request.: javax.ws.rs.core.UriBuilderException: RESTEASY003330: Failed to create URI: https://kc.rdmedia.com/auth/admin/realms/master/testSMTPConnection/{ "port":null,"host":"mail.rdmedia.com ","ssl":"","starttls":"","auth":"","from":"account(a)rdmedia.com"} at org.jboss.resteasy.specimpl.ResteasyUriBuilder.buildFromValues(ResteasyUriBuilder.java:749) at org.jboss.resteasy.specimpl.ResteasyUriBuilder.build(ResteasyUriBuilder.java:721) at org.jboss.resteasy.spi.ResteasyUriInfo.initialize(ResteasyUriInfo.java:58) at org.jboss.resteasy.spi.ResteasyUriInfo.<init>(ResteasyUriInfo.java:53) at org.jboss.resteasy.plugins.server.servlet.ServletUtil.extractUriInfo(ServletUtil.java:41) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:200) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748) Caused by: java.net.URISyntaxException: Illegal character in path at index 67: https://kc.rdmedia.com/auth/admin/realms/master/testSMTPConnection/{ "port":null,"host":"mail.rdmedia.com ","ssl":"","starttls":"","auth":"","from":"account(a)rdmedia.com"} at java.net.URI$Parser.fail(URI.java:2848) at java.net.URI$Parser.checkChars(URI.java:3021) at java.net.URI$Parser.parseHierarchical(URI.java:3105) at java.net.URI$Parser.parse(URI.java:3053) at java.net.URI.<init>(URI.java:588) at org.jboss.resteasy.specimpl.ResteasyUriBuilder.buildFromValues(ResteasyUriBuilder.java:744) ... 40 more The 67th character is the slash after testSMTPConnection. Is this a bug and/or is there a workaround/fix? -- Tiemen Ruiten Systems Engineer R&D Media

7 years, 5 months

2
7
0 / 0

Fwd: Clean Install with MySQL - Keycloak restarts itself due to liquibase errors - Docker Swarm environment

by James Green

Gah! Intended for the list not the individual. ---------- Forwarded message ---------- From: James Green <james.mk.green(a)gmail.com> Date: 3 August 2017 at 10:40 Subject: Re: [keycloak-user] Clean Install with MySQL - Keycloak restarts itself due to liquibase errors - Docker Swarm environment To: Marko Strukelj <mstrukel(a)redhat.com> I'm aware of the liquibase error, the bit I'm struggling with is how that can happen on an empty database. I might try to launch the database separately - could be a race condition between initialising the two applications (clutching at straws). On 3 August 2017 at 10:36, Marko Strukelj <mstrukel(a)redhat.com> wrote: > There's your error in line 237 of the first log: > 08:53:26,263 ERROR [org.keycloak.connections.jpa. > updater.liquibase.conn.DefaultLiquibaseConnectionProvider] (ServerService > Thread Pool -- 52) Change Set META-INF/jpa-changelog-1.7.0.x > ml::1.7.0::bburke@redhat.com failed. Error: Table 'KEYCLOAK_GROUP' > already exists [Failed SQL: CREATE TABLE keycloak.KEYCLOAK_GROUP (ID > VARCHAR(36) NOT NULL, NAME VARCHAR(255) NULL, PARENT_GROUP VARCHAR(36) > NULL, REALM_ID VARCHAR(36) NULL)]: liquibase.exception.DatabaseException: > Table 'KEYCLOAK_GROUP' already exists [Failed SQL: CREATE TABLE > keycloak.KEYCLOAK_GROUP (ID VARCHAR(36) NOT NULL, NAME VARCHAR(255) NULL, > PARENT_GROUP VARCHAR(36) NULL, REALM_ID VARCHAR(36) NULL)] > > The question now is why that table exists already if you started with an > empty database. > > On Thu, Aug 3, 2017 at 11:22 AM, James Green <james.mk.green(a)gmail.com> > wrote: > >> Unsure what I'm doing wrong here. Circumstance: we've spotted KeyCloak, >> have reason to be interested, so are deploying an instance into our test >> environment which happens to be Docker Swarm. >> >> Problem: The KeyCloak service is being restarted by Docker, presumably due >> to a crash. The logs indicate it gets so far within a liquibase script >> then >> fails. >> >> Here's the docker-compose.yml file that we are using for deployment >> purposes: >> >> https://gist.github.com/jmkgreen/b79f95c3eca2eac3fb66c66d12017f07 >> >> Here's the log from MySQL: >> >> https://gist.github.com/jmkgreen/75b99fe98cf1d16a99895e78dae47cce >> >> Here's an initial log from KeyCloak: >> >> https://gist.github.com/jmkgreen/96285800949b5c4f62c31caa3eba27ef >> >> Here's an further log from KeyCloak once Docker has decided it needed to >> be >> restarted: >> >> https://gist.github.com/jmkgreen/2051ab14e470d1d46dabcfdd519d5c42 >> >> As you can see, the MySQL server starts and is configured due to there >> being no data already present. All looks good. KeyCloak eventually gets >> connected to MySQL and begins using Liquibase to roll through transitions >> but crashes (how?) and thus the container overall crashes forcing Docker >> to >> restart, which merely happens over and over. >> >> FWIW I earlier created a StackOverflow post which has us at a _different_ >> liquibase change but also failing: >> >> https://stackoverflow.com/questions/45466482/keycloak-will-n >> ot-start-due-to-liquibase-changelog-error?noredirect=1#comme >> nt77894983_45466482 >> >> What I've posted in the Gists above occurred after I shut everything down >> and wiped the MySQL data directory of it's contents in full. >> >> An aside - we have multiple projects working within Swarm using stack >> deployments with externally managed networks (as recommended by Docker) >> and >> GlusterFS volumes without issue. In this particular case the only tangible >> difference is the use of the latest MySQL version which other projects may >> not be using. We also do not have experience of WildFly-based software. >> >> Any ideas what I've done wrong? >> >> Thanks, >> >> James >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user >> > >

7 years, 5 months

1
0
0 / 0

Possible bug in GroupModel implementations

by Ilya Korol

Hi. i'm working on some extensions for keycloak for our team purposes. Today i note that some instance of GroupModel(retrieved from keycloak) returned for me null from method getAttribute(String attrName). But javadoc from GroupModel states that this method never return null: /** * @param name * @return list of all attribute values or empty list if there are not any values. Never return null */ List<String> getAttribute(String name); I checked implementations in keycloak-parent and found this in org.keycloak.models.cache.infinispan.GroupAdapter: @Override public List<String> getAttribute(String name) { List<String> values = cached.getAttributes().get(name); if (values == null) return null; <---- Attention return values; } Is it bug?

7 years, 5 months

1
0
0 / 0

openshift-keycloak-cartridge 3.2.1.Final and 3.2.0.Final Do not work

by Kristiaan Jansen

Hi We are trying to use the keycloak openshift cartridge for latest version of openshift. We have been using older versions and they work fine for us. Reproduce scenario: Install openshift cartridge for 3.2.0.Final on openshift online following this manual https://github.com/keycloak/openshift-keycloak-cartridge/tree/base. The cartridge installs fine. But when we go to the administration console it shows internal server error in the server.log we see the Below Stacktrace. Expectation: The cartridge should work. Stacktrace ^[[0m^[[31m03:41:10,299 ERROR [freemarker.runtime] (default task-9) Error executing FreeMarker template: freemarker.core.InvalidReferenceException: The following has evaluated to null or missing: ==> consoleBaseUrl [in template "index.ftl" at line 20, column 33] ---- Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing</#if>. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)?? ---- ---- FTL stack trace ("~" means nesting-related): - Failed at: ${consoleBaseUrl} [in template "index.ftl" at line 20, column 31] ---- at freemarker.core.InvalidReferenceException.getInstance(InvalidReferenceException.java:131) at freemarker.core.EvalUtil.coerceModelToString(EvalUtil.java:355) at freemarker.core.Expression.evalAndCoerceToString(Expression.java:82) at freemarker.core.DollarVariable.accept(DollarVariable.java:41) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.MixedContent.accept(MixedContent.java:54) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.Environment.process(Environment.java:302) at freemarker.template.Template.process(Template.java:325) at org.keycloak.theme.FreeMarkerUtil.processTemplate(FreeMarkerUtil.java:61) at org.keycloak.services.resources.admin.AdminConsole.getMainPage(AdminConsole.java:305) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) ^[[0m^[[31m03:41:10,340 ERROR [io.undertow.request] (default task-9) UT005023: Exception handling request to /auth/admin/master/console/: org.jboss.resteasy.spi.UnhandledException: org.keycloak.theme.FreeMarkerException: Failed to process template index.ftl at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76) at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212) at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:168) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:411) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: org.keycloak.theme.FreeMarkerException: Failed to process template index.ftl at org.keycloak.theme.FreeMarkerUtil.processTemplate(FreeMarkerUtil.java:64) at org.keycloak.services.resources.admin.AdminConsole.getMainPage(AdminConsole.java:305) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395) ... 37 more Caused by: freemarker.core.InvalidReferenceException: The following has evaluated to null or missing: ==> consoleBaseUrl [in template "index.ftl" at line 20, column 33] ---- Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing</#if>. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)?? ---- ---- FTL stack trace ("~" means nesting-related): - Failed at: ${consoleBaseUrl} [in template "index.ftl" at line 20, column 31] ---- at freemarker.core.InvalidReferenceException.getInstance(InvalidReferenceException.java:131) at freemarker.core.EvalUtil.coerceModelToString(EvalUtil.java:355) at freemarker.core.Expression.evalAndCoerceToString(Expression.java:82) at freemarker.core.DollarVariable.accept(DollarVariable.java:41) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.MixedContent.accept(MixedContent.java:54) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.Environment.process(Environment.java:302) at freemarker.template.Template.process(Template.java:325) at org.keycloak.theme.FreeMarkerUtil.processTemplate(FreeMarkerUtil.java:61) ... 48 more

7 years, 5 months

1
0
0 / 0

When should auth_time claim be updated?

by Matt Evans

Hi We are working with keycloak v3.2.0 and are using 'prompt=login' to initiate a re-authentication for sensitive actions, and we use the auth_time claim to determine if this should occur. Ordinarily each time we redirect to the auth endpoint with 'prompt=login' the auth_time is updated to the time that the authentication occurred. However, if we then redirect to the auth endpoint and the cookie is valid and used, any subsequent time after this authentication that we use the auth endpoint with 'prompt=login' the auth_time claim is not updated. Is this intended behaviour? Thanks Matt

7 years, 5 months

3
9
0 / 0

Does NodeJS adapter support basic auth?

by thomas.hilaire＠free.fr

Hello, I use Keycloak for months now and it works like a charm, thanks for that! I did all requirements I found to add the BASIC authentication to my project with keycloak-nodejs-connect but I can't get it working. By looking at the library code, I don't see anything about this authentication method. Is the basic auth supported with this adapter? Is there any issue on your JIRA for this topic? Thanks to all contributors for Keycloak!

7 years, 5 months

1
0
0 / 0

Getting offline token alongside refresh token

by Jesus Bernal

Hi, I am using Authorisation Code Flow in my web application. I would like to get a refresh token for the web app itself but also an offline token that I will save in the database so I can use it later on for an offline task. However I am struggling with that. I cannot use grant-type password because I don’t want to ask the user again to enter his credentials and also authorisation code is only one-time use so I cannot integrate it with the current flow. Is there any other way to generate an offline token from a different token? I have tried using grant type refresh-token with scope offline access but that didn’t work. Thanks in advance. Best Regards, Jesus Bernal Senior Software Engineer jesus.bernal(a)checkit.net<mailto:jesus.bernal@checkit.net> Elektron Technology Broers Building, JJ Thomson Avenue, Cambridge, CB3 0FA, UK www.elektron-technology.com<http://www.elektron-technology.com/> ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________

7 years, 5 months

1
0
0 / 0

DB from MongoDB to PostgreSQL migration, how?

by K K

Hi, I am struggling with Keycloak migration from version 1.9.8 to the latest one. Currently I am at 2.4.0 and still MongoDB. Is there any built-in tool to migrate MongoDB db to PostgreSQL? I have tried import and then export, but it doesn't work or I did mistake somewhere.

7 years, 5 months

3
2
0 / 0

Re: [keycloak-user] Keycloak 3.2.1.Final released

by Thomas Connolly

Hi Keycloak 3.2.1 appliance missing in the JBoss (and maven2) repo. https://repository.jboss.org/nexus/content/groups/public/org/keycloak/key... Raising as our build pulls this down then uses the CLI to overlay customisations. Regards Tom Connolly. Message: 3 Date: Mon, 24 Jul 2017 16:21:47 +0200 From: Marek Posolda <mposolda(a)redhat.com> Subject: Re: [keycloak-user] Keycloak 3.2.1.Final released To: "Federico Navarro Polo - Info.nl" <federico(a)info.nl>, "keycloak-user(a)lists.jboss.org" <keycloak-user(a)lists.jboss.org> Message-ID: <187ebc41-ec5a-bdd2-6d8d-c83a852e2935(a)redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Thanks for the info! I missed one step during the release process though :) It is available now in jboss repository https://repository.jboss.org/nexus/content/groups/public/org/keycloak/key... . AFAIK in public maven repository on repo1.maven.org, it will be in next 1-2 days. Sorry for trouble, Marek Dne 24.7.2017 v 13:46 Federico Navarro Polo - Info.nl napsal(a): > Hello Marek, > > Seems like dependencies for 3.2.1.Final are not in maven, latest available dependencies are 3.2.0.Final > > https://repo.maven.apache.org/maven2/org/keycloak/keycloak-core/ > > > Regards, > Federico > > > On 21/07/17 16:36, "keycloak-user-bounces(a)lists.jboss.org on behalf of Marek Posolda" <keycloak-user-bounces(a)lists.jboss.org on behalf of mposolda(a)redhat.com> wrote: > > Keycloak 3.2.1.Final has just been released. > > This release doesn't contain any new features. However there are few > fixed bugs related to authorization services and new permissions for > admin REST API. > > To download the release go to the Keycloak homepage > <http://www.keycloak.org/downloads>. > > The full list of resolved issues is available in JIRA > <https://issues.jboss.org/issues/?jql=project%20%3D%20keycloak%20and%20fix...> > . > Upgrading > > Before you upgrade remember to backup your database and check the migration > guide > <https://keycloak.gitbooks.io/documentation/server_admin/topics/MigrationF...> > . > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user > >

7 years, 5 months

2
1
0 / 0

Using Keycloak within docker compose and spring boot application

by Sebastian Eichholz

I am trying to use Keycloak with my spring boot application. It’s working nicely and now I want to use docker-compose to bundle keycloak-mysql with mysql and my spring boot app. My docker-compose.yml file: {{{ mysql: image: "mysql:5.7" container_name: "mysql-for-keycloak" environment: - MYSQL_DATABASE=keycloak - MYSQL_USER=keycloak - MYSQL_PASSWORD=keycloak - MYSQL_ROOT_PASSWORD=test volumes: - /Users/sebastian/git/oregami_docker_compose/mysql_data:/var/lib/mysql keycloak: image: "jboss/keycloak-mysql:3.2.0.Final" container_name: "keycloak-with-mysql" ports: - "8087:8080" links: - "mysql:mysql" environment: - PROXY_ADDRESS_FORWARDING=true - MYSQL_DATABASE=keycloak - MYSQL_USERNAME=keycloak - MYSQL_PASSWORD=keycloak - KEYCLOAK_LOGLEVEL=DEBUG oregami: build: "./oregami-game-database-cqrs" ports: - "8080:8080" container_name: "oregami-docker" links: - "keycloak:keycloak" }}} The Dockerfile for my spring boot application: {{{ # Base Alpine Linux based image with OpenJDK JRE only FROM openjdk:8-jre-alpine # copy application WAR (with libraries inside) COPY target/oregami-0.0.2-SNAPSHOT.jar /app.jar EXPOSE 8080 # specify default command CMD ["/usr/bin/java", "-jar", "-Dkeycloak.auth-server-url=http://keycloak:8087/auth", "/app.jar"] }}} Now when I navigate to a page of my app which needs authentication I am forwarded to http://keycloak/ (I edited my /etc/hosts file for this to work). But when I submit my user and password from the login form, I get this error: {{{ java.net.ConnectException: Connection refused (Connection refused) at java.net.PlainSocketImpl.socketConnect(Native Method) ~[na:1.8.0_131] at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) ~[na:1.8.0_131] at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) ~[na:1.8.0_131] at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) ~[na:1.8.0_131] at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[na:1.8.0_131] at java.net.Socket.connect(Socket.java:589) ~[na:1.8.0_131] at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:120) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:179) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:134) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:612) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:447) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:884) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) ~[httpclient-4.5.2.jar!/:4.5.2] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) ~[httpclient-4.5.2.jar!/:4.5.2] at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerRequest.java:111) ~[keycloak-adapter-core-3.2.0.Final.jar!/:3.2.0.Final] at org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode(OAuthRequestAuthenticator.java:330) ~[keycloak-adapter-core-3.2.0.Final.jar!/:3.2.0.Final] at org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(OAuthRequestAuthenticator.java:275) ~[keycloak-adapter-core-3.2.0.Final.jar!/:3.2.0.Final] at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:139) ~[keycloak-adapter-core-3.2.0.Final.jar!/:3.2.0.Final] }}} Can anybody help? Thanks! Sebastian

7 years, 5 months

2
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user August 2017