Review for German translation of admin messages
by Stian Thorgersen
Can someone please review https://github.com/keycloak/keycloak/pull/5549
5 years, 6 months
- 1
- 0
Keycloak-js, one React app different clientIds
by Albin Blent
Hi,
We are trying to integrate the keycloak-js lib in to your react web app. Depending on what page you log in through we want to use different clientIds.
The problem is that each time we render the app and create a new instance of the Keycloak object from keycloak-js we need to supply a clientId. Before the user logs in through the keycloak portal we can figure out what clientId should be used depending on what page the user is coming from, but when redirected back from the keycloak login portal we can't know. We have tried to only use the keycloak.init({ onLoad: 'login-required' }) function and just picking a random clientId for the second initiation of the object but this does not seem to work when the user first uses one of the clientIds and then the other after the redirect. We have also tried:
keycloak.init()
if (!keycloak.authenticated) {
keycloak.login({redirectUri: 'example.com?clientId=' + clientId})
}
So that we can use the query param of the redirect to know how to initialise the Keycloak object with the right clientId. But here keycloak.authenticated is always false.
Is there a common solution for handling multiple clientIds? Are we using the init() and login() combo wrong?
We are using Keycloak server version 4.3.0.Final and keycloak-js 4.4.0
Best regards
Albin
5 years, 6 months
- 1
- 0
Re: [keycloak-user] keycloak-user Digest, Vol 58, Issue 8
by Ewan
Hi Christoph,
Some (hopefully) useful clarifications and explanations for you:
* The syntax `${env.DB_ADDR:mysql}` will look for the environment variable `DB_ADDR` falling back to `mysql` if this is not set
* Services in Openshift have their own internal DNS of the format `<service>.<pod_namespace>.svc.cluster.local` with `.<pod_namespace>.svc.cluster.local` being a default search domain inside the container. Therefore, using the the default `mysql` from the above, if you have a service called `mysql` and no DB_ADDR set this should not be a problem.
* Judging by the actual error `Caused by: java.lang.NumberFormatException: For input string: “tcp:` I would suggest that one environment variable is causing conflict by prepending with `tcp:`
* I see a warning `WARNING: MYSQL_PORT variable name is DEPRECATED replace with DB_PORT` in your startup log and the corresponding value `MYSQL_PORT=tcp://172.30.228.24:3306` in your environment variables. I believe this is causing a problem.
* Digging into the startup script, I think I have seen the issue which comes from this section in the docker entry point: https://github.com/jboss-dockerfiles/keycloak/blob/master/server/tools/do...
* Because the service is called `mysql` which creates an environment variable `MYSQL_PORT` this is being automatically detected and updated to be DB_PORT. Unfortunately this then contains the `tcp:` and is invalid.
* My suggestion to you is the following:
* Create a new namespace/project in Openshift (to avoid any naming conflicts)
* Deploy the MySQL template into the new namespace with the name “keycloak-mysql” (change this from the default `mysql` to avoid the environment renaming mentioned above. We will set a value in the deployment config) and database `keycloak`
* Deploy the `jboss/keycloak-openshift` image into the container with name `keycloak`
* Update the `keycloak` deployment config and add the environment variables `DB_VENDOR=mysql DB_ADDR=keycloak-mysql` and set the `DB_USER` and `DB_PASSWORD` values to the generated secret variables to have these maintained in a single place.
Hopefully some of the above will help you progress a little.
A useful tip if you are not aware: If you are trying to debug a pod or deployment in Openshift that fails on startup, use `oc debug dc/{{ name_of_deploymentconfig }}` from your command line to start a throwaway container that will not run the entry point script. You can then check some things and try running the startup script yourself (it tells you what command it would have run when you first run the debug command).
Happy Hacking
Ewan
On Thu, Oct 4, 2018, at 1:28 AM, keycloak-user-request(a)lists.jboss.org wrote:
> Send keycloak-user mailing list submissions to
> keycloak-user(a)lists.jboss.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> or, via email, send a message with subject or body 'help' to
> keycloak-user-request(a)lists.jboss.org
>
> You can reach the person managing the list at
> keycloak-user-owner(a)lists.jboss.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of keycloak-user digest..."
>
>
> Today's Topics:
>
> 1. Deploying Keycloak with a Mysql database in Openshift Origin
> fails (Christoph John)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 4 Oct 2018 01:22:04 +0200
> From: Christoph John <christoph_john(a)gmx.de>
> Subject: [keycloak-user] Deploying Keycloak with a Mysql database in
> Openshift Origin fails
> To: keycloak-user(a)lists.jboss.org
> Message-ID: <CB883140-F030-41B6-8568-11EE092BCD21(a)gmx.de>
> Content-Type: text/plain; charset=utf-8
>
> Hello together,
> I am trying to get keycloak up and running with a mysql database in
> Openshift Origin (3.10) without success. As I have no idea anymore what
> could go wrong, I hope someone on the list can give me a helpful hint.
> So far I tried the following:
>
> -The template from keycloak/openshift-examples/keycloak-https.json.
> Unfortunately, it does not work for me. To my understanding, when the
> keycloak pod is deployed, it does not find the mysql database and
> therefore fails, see attached log file. Unfortunately, I am quite new to
> openshift and have not understood yet, how the service discovery in
> Openshift works. When attaching a bash to the deployed keycloak pod, I
> can find the correct IP address of the mysql database service, for
> example in MYSQL_PORT=tcp://172.30.228.24:3306
> <tcp://172.30.228.24:3306> . I have attached the full list of
> environment variables as well.
>
> I also had a look into the keycloak sources. Under keycloak/server/
> tools/cli/databases/mysql/change-database.cl I have found the following
> line:
>
> /subsystem=datasources/data-source=KeycloakDS: add(jndi-
> name=java:jboss/datasources/KeycloakDS,enabled=true,use-java-context=true,use-ccm=true,
> connection-url=jdbc:mysql://${env.DB_ADDR:mysql}:${env.DB_PORT:3306}/$
> {env.DB_DATABASE:keycloak}${env.JDBC_PARAMS:}, driver-name=mysql)
>
> But I have not understood yet from where the variable $
> {env.DB_ADDR:mysql} should come. At least I do not find a DB_ADDR field
> in my environment.
>
> - My second attempt was therefore to use the container "jboss/keycloak-
> openshift? from Dockerhub with Docker directly, in the hope to get more
> reasonable debugging information from the docker logs. For the mysql
> container I used the same container like is deployed from the mysql 5.7
> template in Openshift. In both of the previous setups I manually
> configured a keyclock database scheme and granted privileges to the
> relevant user. With the following command line I got keycloak up and
> running smoothly.
>
> docker run -d --name keycloak --net keycloak-network -e
> KEYCLOAK_USER=user -e KEYCLOAK_PASSWORD=pwd -e DB_VENDOR=MYSQL -e
> DB_ADDR=mysql -e DB_DATABASE=keycloak -e DB_USER=user -e DB_PASSWORD=pwd
> -e JDBC_PARAMS='useSSL=false' -p 8443:8443 jboss/keycloak-openshift
> start-keycloak.sh
>
> I also checked the command line described on GitHub with the ?link
> option mysql:mysql. This does also work.
>
> Back in Openshift I tried to deploy Keycloak manually (Add to Project/
> Deploy Image) and added the same environment variables (different
> variants with and without DB_ADDR) like in the above command line.
> Unfortunately, I still do not get things up and running. Still keycloak
> does not find the database on deployment. I do not know how I have to
> specify the DB_ADDR environment variable correctly or how I have to
> connect keycloak with the mysql service object alternatively. If I bind
> the service via its secret, I do not get a DB_ADDR environment variable
> at all. The closest thing to it is an environment variable called
> uri=mysql://172.30.228.24:3306 <mysql://172.30.228.24:3306>.
>
> Would be great if someone could give me a hint here, what I am doing
> wrong, and how I could get keyclock up and running with a mysql database
> in Openshift Origin?
>
> Thanks a lot for your help.
>
> Best regards,
>
> Christoph
>
> ???????????????????????????
> Environment variables from keycloak pod whose deployment fails
>
>
> JGROUPS_DISCOVERY_PROTOCOL=dns.DNS_PING
> KEYCLOAK_PASSWORD=pwd
> JDBC_MYSQL_VERSION=5.1.46
> HOSTNAME=keycloak-2-6gtkj
> SECURE_KEYCLOAK_SERVICE_PORT=8443
> KUBERNETES_PORT_443_TCP_PORT=443
> KUBERNETES_PORT=tcp://172.30.0.1:443
> TERM=xterm
> SECURE_KEYCLOAK_PORT_8443_TCP=tcp://172.30.25.80:8443
> KEYCLOAK_SERVICE_HOST=172.30.104.119
> LAUNCH_JBOSS_IN_BACKGROUND=1
> KUBERNETES_SERVICE_PORT=443
> KUBERNETES_SERVICE_HOST=172.30.0.1
> KUBERNETES_PORT_53_TCP=tcp://172.30.0.1:53
> JBOSS_HOME=/opt/jboss/keycloak
> JDBC_MARIADB_VERSION=2.2.3
> KUBERNETES_PORT_53_TCP_PORT=53
> KUBERNETES_PORT_53_UDP=udp://172.30.0.1:53
> KUBERNETES_SERVICE_PORT_DNS=53
> KEYCLOAK_PORT=tcp://172.30.104.119:8080
> DB_VENDOR=MYSQL
> MYSQL_PORT_3306_TCP_PORT=3306
> KEYCLOAK_PORT_8080_TCP_PROTO=tcp
> KUBERNETES_PORT_53_TCP_ADDR=172.30.0.1
> MYSQL_PORT_3306_TCP=tcp://172.30.228.24:3306
> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
> KUBERNETES_PORT_53_UDP_ADDR=172.30.0.1
> _=/usr/bin/env
> PWD=/opt/jboss
> SECURE_KEYCLOAK_SERVICE_HOST=172.30.25.80
> JAVA_HOME=/usr/lib/jvm/java
> JGROUPS_DISCOVERY_PROPERTIES=keycloak.imsproject.svc.cluster.local
> MYSQL_SERVICE_PORT_MYSQL=3306
> LANG=en_US.UTF-8
> KUBERNETES_PORT_53_UDP_PORT=53
> KEYCLOAK_VERSION=4.5.0.Final
> KEYCLOAK_PORT_8080_TCP_PORT=8080
> SECURE_KEYCLOAK_PORT=tcp://172.30.25.80:8443
> JDBC_POSTGRES_VERSION=42.2.2
> HOME=/
> SHLVL=2
> KEYCLOAK_PORT_8080_TCP=tcp://172.30.104.119:8080
> KUBERNETES_PORT_53_UDP_PROTO=udp
> KUBERNETES_PORT_443_TCP_PROTO=tcp
> KUBERNETES_SERVICE_PORT_HTTPS=443
> MYSQL_PORT_3306_TCP_PROTO=tcp
> KEYCLOAK_SERVICE_PORT=8080
> SECURE_KEYCLOAK_PORT_8443_TCP_PORT=8443
> MYSQL_PORT_3306_TCP_ADDR=172.30.228.24
> MYSQL_SERVICE_PORT=3306
> PROXY_ADDRESS_FORWARDING=false
> KEYCLOAK_PORT_8080_TCP_ADDR=172.30.104.119
> KUBERNETES_SERVICE_PORT_DNS_TCP=53
> KUBERNETES_PORT_53_TCP_PROTO=tcp
> KUBERNETES_PORT_443_TCP_ADDR=172.30.0.1
> KEYCLOAK_USER=IMSUser
> MYSQL_PORT=tcp://172.30.228.24:3306
> KUBERNETES_PORT_443_TCP=tcp://172.30.0.1:443
> SECURE_KEYCLOAK_PORT_8443_TCP_PROTO=tcp
> MYSQL_SERVICE_HOST=172.30.228.24
> SECURE_KEYCLOAK_PORT_8443_TCP_ADDR=172.30.25.80
>
> //////////////////////////////////////////////////////////////////////////////////////////////////////
> Log output from the failing keycloak pod
>
> Added 'IMSUser' to '/opt/jboss/keycloak/standalone/configuration/
> keycloak-add-user.json', restart server to load user
> -b 0.0.0.0
> WARNING: MYSQL_PORT variable name is DEPRECATED replace with DB_PORT
> =========================================================================
>
> Using MySQL database
>
> =========================================================================
>
> 22:46:32,107 INFO [org.jboss.modules] (CLI command executor) JBoss
> Modules version 1.8.5.Final
> 22:46:32,216 INFO [org.jboss.msc] (CLI command executor) JBoss MSC
> version 1.4.2.Final
> 22:46:32,235 INFO [org.jboss.threads] (CLI command executor) JBoss
> Threads version 2.3.2.Final
> 22:46:32,506 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0049:
> Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) starting
> 22:46:32,626 INFO [org.jboss.vfs] (MSC service thread 1-2) VFS000002:
> Failed to clean existing content for temp file provider of type temp.
> Enable DEBUG level log to find what caused this
> 22:46:34,920 INFO [org.jboss.as.controller.management-deprecated]
> (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the
> resource at address '/core-service=management/management-interface=http-
> interface' is deprecated, and may be removed in a future version. See
> the attribute description in the output of the read-resource-description
> operation to learn more about the deprecation.
> 22:46:34,971 INFO [org.wildfly.security] (Controller Boot Thread)
> ELY00001: WildFly Elytron version 1.3.3.Final
> 22:46:35,071 INFO [org.jboss.as.controller.management-deprecated]
> (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the
> resource at address '/subsystem=undertow/server=default-server/https-
> listener=https' is deprecated, and may be removed in a future version.
> See the attribute description in the output of the read-resource-
> description operation to learn more about the deprecation.
> 22:46:35,356 INFO [org.jboss.as.patching] (MSC service thread 1-2)
> WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches
> include: none
> 22:46:35,388 WARN [org.jboss.as.domain.management.security] (MSC
> service thread 1-6) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/
> configuration/application.keystore not found, it will be auto generated
> on first use with a self signed certificate for host localhost
> 22:46:35,554 INFO [org.jboss.as.server] (Controller Boot Thread)
> WFLYSRV0212: Resuming server
> 22:46:35,560 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025:
> Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) started in 3435ms -
> Started 65 of 79 services (25 services are lazy, passive or on-demand)
> The batch executed successfully
> 22:46:35,826 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0050:
> Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) stopped in 27ms
> 22:46:37,339 INFO [org.jboss.modules] (CLI command executor) JBoss
> Modules version 1.8.5.Final
> 22:46:37,420 INFO [org.jboss.msc] (CLI command executor) JBoss MSC
> version 1.4.2.Final
> 22:46:37,434 INFO [org.jboss.threads] (CLI command executor) JBoss
> Threads version 2.3.2.Final
> 22:46:37,662 INFO [org.jboss.as] (MSC service thread 1-2) WFLYSRV0049:
> Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) starting
> 22:46:37,772 INFO [org.jboss.vfs] (MSC service thread 1-1) VFS000002:
> Failed to clean existing content for temp file provider of type temp.
> Enable DEBUG level log to find what caused this
> 22:46:40,028 INFO [org.jboss.as.controller.management-deprecated]
> (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the
> resource at address '/core-service=management/management-interface=http-
> interface' is deprecated, and may be removed in a future version. See
> the attribute description in the output of the read-resource-description
> operation to learn more about the deprecation.
> 22:46:40,073 INFO [org.wildfly.security] (Controller Boot Thread)
> ELY00001: WildFly Elytron version 1.3.3.Final
> 22:46:40,167 INFO [org.jboss.as.controller.management-deprecated]
> (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the
> resource at address '/subsystem=undertow/server=default-server/https-
> listener=https' is deprecated, and may be removed in a future version.
> See the attribute description in the output of the read-resource-
> description operation to learn more about the deprecation.
> 22:46:40,456 INFO [org.jboss.as.patching] (MSC service thread 1-4)
> WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches
> include: none
> 22:46:40,515 WARN [org.jboss.as.domain.management.security] (MSC
> service thread 1-2) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/
> configuration/application.keystore not found, it will be auto generated
> on first use with a self signed certificate for host localhost
> 22:46:40,626 INFO [org.jboss.as.server] (Controller Boot Thread)
> WFLYSRV0212: Resuming server
> 22:46:40,628 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025:
> Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) started in 3282ms -
> Started 65 of 84 services (30 services are lazy, passive or on-demand)
> The batch executed successfully
> 22:46:40,897 INFO [org.jboss.as] (MSC service thread 1-4) WFLYSRV0050:
> Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) stopped in 18ms
> Setting JGroups discovery to dns.DNS_PING with properties
> {keycloak.imsproject.svc.cluster.local}
> =========================================================================
>
> JBoss Bootstrap Environment
>
> JBOSS_HOME: /opt/jboss/keycloak
>
> JAVA: /usr/lib/jvm/java/bin/java
>
> JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -
> XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -
> Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
>
> =========================================================================
>
> 22:46:48,021 INFO [org.jboss.modules] (main) JBoss Modules version
> 1.8.5.Final
> 22:46:48,691 INFO [org.jboss.msc] (main) JBoss MSC version 1.4.2.Final
> 22:46:48,730 INFO [org.jboss.threads] (main) JBoss Threads version
> 2.3.2.Final
> 22:46:49,029 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0049:
> Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) starting
> 22:46:49,191 INFO [org.jboss.vfs] (MSC service thread 1-2) VFS000002:
> Failed to clean existing content for temp file provider of type temp.
> Enable DEBUG level log to find what caused this
> 22:46:51,823 INFO [org.jboss.as.controller.management-deprecated]
> (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the
> resource at address '/core-service=management/management-interface=http-
> interface' is deprecated, and may be removed in a future version. See
> the attribute description in the output of the read-resource-description
> operation to learn more about the deprecation.
> 22:46:51,874 INFO [org.wildfly.security] (ServerService Thread Pool --
> 6) ELY00001: WildFly Elytron version 1.3.3.Final
> 22:46:51,968 INFO [org.jboss.as.controller.management-deprecated]
> (ServerService Thread Pool -- 25) WFLYCTL0028: Attribute 'security-
> realm' in the resource at address '/subsystem=undertow/server=default-
> server/https-listener=https' is deprecated, and may be removed in a
> future version. See the attribute description in the output of the read-
> resource-description operation to learn more about the deprecation.
> 22:46:52,270 INFO [org.jboss.as.server] (Controller Boot Thread)
> WFLYSRV0039: Creating http management service using socket-binding
> (management-http)
> 22:46:52,349 INFO [org.xnio] (MSC service thread 1-4) XNIO version
> 3.6.3.Final
> 22:46:52,369 INFO [org.xnio.nio] (MSC service thread 1-4) XNIO NIO
> Implementation Version 3.6.3.Final
> 22:46:52,477 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 33) WFLYCLINF0001: Activating Infinispan subsystem.
> 22:46:52,585 INFO [org.jboss.as.connector.subsystems.datasources]
> (ServerService Thread Pool -- 28) WFLYJCA0004: Deploying JDBC-compliant
> driver class org.h2.Driver (version 1.4)
> 22:46:52,628 INFO [org.jboss.as.jaxrs] (ServerService Thread Pool --
> 35) WFLYRS0016: RESTEasy version 3.5.1.Final
> 22:46:52,623 INFO [org.jboss.as.security] (ServerService Thread Pool --
> 46) WFLYSEC0002: Activating Security Subsystem
> 22:46:52,567 INFO [org.jboss.as.naming] (ServerService Thread Pool --
> 43) WFLYNAM0001: Activating Naming Subsystem
> 22:46:52,596 INFO [org.wildfly.extension.io] (ServerService Thread Pool
> -- 34) WFLYIO001: Worker 'default' has auto-configured to 6 core threads
> with 48 task threads based on your 3 available processors
> 22:46:52,575 INFO [org.jboss.as.ee] (ServerService Thread Pool -- 30)
> WFLYEE0119: The system property 'ee8.preview.mode' is NOT set to 'true'.
> For provided EE 8 APIs where the EE 8 version of the API differs from
> what is supported in EE 7, the EE 7 variant of the API will be used.
> Support for this setting will be removed once all EE 8 APIs are provided
> and certified.
> 22:46:52,608 WARN [org.jboss.as.txn] (ServerService Thread Pool -- 48)
> WFLYTX0013: The node-identifier attribute on the /subsystem=transactions
> is set to the default value. This is a danger for environments running
> multiple servers. Please make sure the attribute value is unique.
> 22:46:52,599 INFO [org.jboss.as.clustering.jgroups] (ServerService
> Thread Pool -- 37) WFLYCLJG0001: Activating JGroups subsystem. JGroups
> version 4.0.11
> 22:46:52,687 INFO [org.jboss.as.connector] (MSC service thread 1-4)
> WFLYJCA0009: Starting JCA Subsystem (WildFly/IronJacamar 1.4.9.Final)
> 22:46:52,743 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service
> thread 1-3) WFLYJCA0018: Started Driver service with driver-name = h2
> 22:46:52,747 INFO [org.jboss.as.connector.subsystems.datasources]
> (ServerService Thread Pool -- 28) WFLYJCA0005: Deploying non-JDBC-
> compliant driver class com.mysql.jdbc.Driver (version 5.1)
> 22:46:52,770 INFO [org.jboss.as.security] (MSC service thread 1-3)
> WFLYSEC0001: Current PicketBox version=5.0.2.Final
> 22:46:52,789 INFO [org.jboss.remoting] (MSC service thread 1-5) JBoss
> Remoting version 5.0.7.Final
> 22:46:52,799 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-4) WFLYUT0003: Undertow 2.0.9.Final starting
> 22:46:52,794 INFO [org.jboss.as.naming] (MSC service thread 1-6)
> WFLYNAM0003: Starting Naming Service
> 22:46:52,839 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service
> thread 1-4) WFLYJCA0018: Started Driver service with driver-name = mysql
> 22:46:52,841 INFO [org.jboss.as.mail.extension] (MSC service thread 1-
> 4) WFLYMAIL0001: Bound mail session [java:jboss/mail/Default]
> 22:46:53,208 INFO [org.jboss.as.ejb3] (MSC service thread 1-5)
> WFLYEJB0481: Strict pool slsb-strict-max-pool is using a max instance
> size of 48 (per class), which is derived from thread worker pool sizing.
> 22:46:53,208 INFO [org.jboss.as.ejb3] (MSC service thread 1-6)
> WFLYEJB0482: Strict pool mdb-strict-max-pool is using a max instance
> size of 12 (per class), which is derived from the number of CPUs on this
> host.
> 22:46:53,389 INFO [org.wildfly.extension.undertow] (ServerService
> Thread Pool -- 49) WFLYUT0014: Creating file handler for path '/opt/
> jboss/keycloak/welcome-content' with options [directory-listing:
> 'false', follow-symlink: 'false', case-sensitive: 'true', safe-symlink-
> paths: '[]']
> 22:46:53,414 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-1) WFLYUT0012: Started server default-server.
> 22:46:53,442 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-1) WFLYUT0018: Host default-host starting
> 22:46:53,679 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-2) WFLYUT0006: Undertow HTTP listener default listening on
> 0.0.0.0:8080
> 22:46:53,681 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-5) WFLYUT0006: Undertow AJP listener ajp listening on 0.0.0.0:8009
> 22:46:53,710 INFO [org.jboss.modcluster] (ServerService Thread Pool --
> 50) MODCLUSTER000001: Initializing mod_cluster version 1.3.9.Final
> 22:46:53,765 INFO [org.jboss.modcluster] (ServerService Thread Pool --
> 50) MODCLUSTER000032: Listening to proxy advertisements on /
> 224.0.1.105:23364
> 22:46:53,944 INFO [org.jboss.as.ejb3] (MSC service thread 1-6)
> WFLYEJB0493: EJB subsystem suspension complete
> 22:46:54,216 INFO [org.jboss.as.connector.subsystems.datasources] (MSC
> service thread 1-4) WFLYJCA0001: Bound data source
> [java:jboss/datasources/ExampleDS]
> 22:46:54,217 INFO [org.jboss.as.connector.subsystems.datasources] (MSC
> service thread 1-5) WFLYJCA0001: Bound data source
> [java:jboss/datasources/KeycloakDS]
> 22:46:54,438 INFO [org.jboss.as.patching] (MSC service thread 1-4)
> WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches
> include: none
> 22:46:54,545 WARN [org.jboss.as.domain.management.security] (MSC
> service thread 1-4) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/
> configuration/application.keystore not found, it will be auto generated
> on first use with a self signed certificate for host localhost
> 22:46:54,623 INFO [org.jboss.as.server.deployment.scanner] (MSC service
> thread 1-6) WFLYDS0013: Started FileSystemDeploymentService for
> directory /opt/jboss/keycloak/standalone/deployments
> 22:46:54,665 INFO [org.jboss.as.server.deployment] (MSC service thread
> 1-1) WFLYSRV0027: Starting deployment of "keycloak-server.war" (runtime-
> name: "keycloak-server.war")
> 22:46:55,185 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-3) WFLYUT0006: Undertow HTTPS listener https listening on 0.0.0.0:8443
> 22:46:56,388 WARN [org.jgroups.protocols.UDP] (ServerService Thread
> Pool -- 50) JGRP000015: the send buffer of socket MulticastSocket was
> set to 1.00MB, but the OS only allocated 212.99KB. This might lead to
> performance problems. Please set your max send buffer in the OS
> correctly (e.g. net.core.wmem_max on Linux)
> 22:46:56,389 WARN [org.jgroups.protocols.UDP] (ServerService Thread
> Pool -- 50) JGRP000015: the receive buffer of socket MulticastSocket was
> set to 20.00MB, but the OS only allocated 212.99KB. This might lead to
> performance problems. Please set your max receive buffer in the OS
> correctly (e.g. net.core.rmem_max on Linux)
> 22:46:56,390 WARN [org.jgroups.protocols.UDP] (ServerService Thread
> Pool -- 50) JGRP000015: the send buffer of socket MulticastSocket was
> set to 1.00MB, but the OS only allocated 212.99KB. This might lead to
> performance problems. Please set your max send buffer in the OS
> correctly (e.g. net.core.wmem_max on Linux)
> 22:46:56,391 WARN [org.jgroups.protocols.UDP] (ServerService Thread
> Pool -- 50) JGRP000015: the receive buffer of socket MulticastSocket was
> set to 25.00MB, but the OS only allocated 212.99KB. This might lead to
> performance problems. Please set your max receive buffer in the OS
> correctly (e.g. net.core.rmem_max on Linux)
> 22:47:00,310 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-2) ISPN000078: Starting JGroups channel ejb
> 22:47:00,324 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-6) ISPN000078: Starting JGroups channel ejb
> 22:47:00,326 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-4) ISPN000078: Starting JGroups channel ejb
> 22:47:00,336 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-1) ISPN000078: Starting JGroups channel ejb
> 22:47:00,336 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-3) ISPN000078: Starting JGroups channel ejb
> 22:47:00,377 INFO [org.infinispan.CLUSTER] (MSC service thread 1-3)
> ISPN000094: Received new cluster view for channel ejb: [keycloak-2-
> 6gtkj|0] (1) [keycloak-2-6gtkj]
> 22:47:00,370 INFO [org.infinispan.CLUSTER] (MSC service thread 1-2)
> ISPN000094: Received new cluster view for channel ejb: [keycloak-2-
> 6gtkj|0] (1) [keycloak-2-6gtkj]
> 22:47:00,379 INFO [org.infinispan.CLUSTER] (MSC service thread 1-1)
> ISPN000094: Received new cluster view for channel ejb: [keycloak-2-
> 6gtkj|0] (1) [keycloak-2-6gtkj]
> 22:47:00,378 INFO [org.infinispan.CLUSTER] (MSC service thread 1-6)
> ISPN000094: Received new cluster view for channel ejb: [keycloak-2-
> 6gtkj|0] (1) [keycloak-2-6gtkj]
> 22:47:00,378 INFO [org.infinispan.CLUSTER] (MSC service thread 1-4)
> ISPN000094: Received new cluster view for channel ejb: [keycloak-2-
> 6gtkj|0] (1) [keycloak-2-6gtkj]
> 22:47:00,399 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-6) ISPN000079: Channel ejb local address is keycloak-2-
> 6gtkj, physical addresses are [10.128.1.109:55200]
> 22:47:00,405 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-1) ISPN000079: Channel ejb local address is keycloak-2-
> 6gtkj, physical addresses are [10.128.1.109:55200]
> 22:47:00,412 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-4) ISPN000079: Channel ejb local address is keycloak-2-
> 6gtkj, physical addresses are [10.128.1.109:55200]
> 22:47:00,416 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-2) ISPN000079: Channel ejb local address is keycloak-2-
> 6gtkj, physical addresses are [10.128.1.109:55200]
> 22:47:00,461 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-3) ISPN000079: Channel ejb local address is keycloak-2-
> 6gtkj, physical addresses are [10.128.1.109:55200]
> 22:47:00,415 INFO [org.infinispan.factories.GlobalComponentRegistry]
> (MSC service thread 1-4) ISPN000128: Infinispan version: Infinispan
> 'Gaina' 9.2.4.Final
> 22:47:01,446 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 61) WFLYCLINF0002: Started keys cache from keycloak
> container
> 22:47:01,531 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 59) WFLYCLINF0002: Started users cache from keycloak
> container
> 22:47:01,532 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 58) WFLYCLINF0002: Started realms cache from keycloak
> container
> 22:47:01,533 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 54) WFLYCLINF0002: Started authorization cache from
> keycloak container
> 22:47:01,692 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 57) WFLYCLINF0002: Started actionTokens cache from
> keycloak container
> 22:47:01,698 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 52) WFLYCLINF0002: Started offlineSessions cache from
> keycloak container
> 22:47:01,703 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 55) WFLYCLINF0002: Started offlineClientSessions cache
> from keycloak container
> 22:47:01,707 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 60) WFLYCLINF0002: Started clientSessions cache from
> keycloak container
> 22:47:01,717 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 56) WFLYCLINF0002: Started work cache from keycloak
> container
> 22:47:01,720 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 51) WFLYCLINF0002: Started sessions cache from keycloak
> container
> 22:47:01,723 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 62) WFLYCLINF0002: Started client-mappings cache from ejb
> container
> 22:47:01,736 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 50) WFLYCLINF0002: Started authenticationSessions cache
> from keycloak container
> 22:47:01,737 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 53) WFLYCLINF0002: Started loginFailures cache from
> keycloak container
> 22:47:03,105 INFO [org.keycloak.services] (ServerService Thread Pool --
> 50) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
> 22:47:04,201 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 50) WFLYCLINF0002: Started realmRevisions cache from
> keycloak container
> 22:47:04,214 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 50) WFLYCLINF0002: Started userRevisions cache from
> keycloak container
> 22:47:04,263 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 50) WFLYCLINF0002: Started authorizationRevisions cache
> from keycloak container
> 22:47:04,268 INFO
> [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory]
> (ServerService Thread Pool -- 50) Node name: keycloak-2-6gtkj, Site
> name: null
> 22:47:05,132 WARN
> [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool]
> (ServerService Thread Pool -- 50) IJ000604: Throwable while attempting
> to get a new connection: null: javax.resource.ResourceException:
> IJ031084: Unable to create connection
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
> at
> org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1326)
> at
> org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
> at
> org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
> at
> org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
> at
> org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
> at
> org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:430)
> at
> org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
> at
> org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
> at
> org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
> at
> org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:367)
> at
> org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
> at
> org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda
> $waitForLock$0(LiquibaseDBLockProvider.java:97)
> at
> org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:611)
> at
> org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
> at org.keycloak.services.resources.KeycloakApplication
> $1.run(KeycloakApplication.java:143)
> at
> org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
> at
> org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:136)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at
> org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
> at
> org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2676)
> at
> org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:361)
> at
> org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:274)
> at
> org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:86)
> at
> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
> at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
> at
> io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
> at
> org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
> at
> io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
> at io.undertow.servlet.core.ManagedServlet
> $DefaultInstanceStrategy.start(ManagedServlet.java:300)
> at
> io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:140)
> at io.undertow.servlet.core.DeploymentManagerImpl
> $2.call(DeploymentManagerImpl.java:584)
> at io.undertow.servlet.core.DeploymentManagerImpl
> $2.call(DeploymentManagerImpl.java:555)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction
> $1.call(ServletRequestContextThreadSetupAction.java:42)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction
> $1.call(ContextClassLoaderSetupAction.java:43)
> at
> org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda
> $create$0(SecurityContextThreadSetupAction.java:105)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:597)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentService
> $1.run(UndertowDeploymentService.java:78)
> at java.util.concurrent.Executors
> $RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at
> org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at
> org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> at org.jboss.threads.EnhancedQueueExecutor
> $ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> at org.jboss.threads.EnhancedQueueExecutor
> $ThreadBody.run(EnhancedQueueExecutor.java:1378)
> at java.lang.Thread.run(Thread.java:748)
> at org.jboss.threads.JBossThread.run(JBossThread.java:485)
> Caused by:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException:
> Cannot load connection class because of underlying exception:
> 'java.lang.NumberFormatException: For input string: "tcp:"'.
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at com.mysql.jdbc.Util.handleNewInstance(Util.java:425)
> at com.mysql.jdbc.Util.getInstance(Util.java:408)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:919)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:898)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:887)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:861)
> at
> com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:338)
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
> ... 55 more
> Caused by: java.lang.NumberFormatException: For input string: "tcp:"
> at
> java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
> at java.lang.Integer.parseInt(Integer.java:580)
> at java.lang.Integer.parseInt(Integer.java:615)
> at
> com.mysql.jdbc.NonRegisteringDriver.port(NonRegisteringDriver.java:825)
> at
> com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:330)
> ... 56 more
>
> 22:47:05,168 INFO [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server
> shutdown has been requested via an OS signal
> 22:47:05,177 ERROR [org.jboss.msc.service.fail] (ServerService Thread
> Pool -- 50) MSC000001: Failed to start service
> jboss.undertow.deployment.default-server.default-host./auth:
> org.jboss.msc.service.StartException in service
> jboss.undertow.deployment.default-server.default-host./auth:
> java.lang.RuntimeException: RESTEASY003325: Failed to construct public
> org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentService
> $1.run(UndertowDeploymentService.java:81)
> at java.util.concurrent.Executors
> $RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at
> org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at
> org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> at org.jboss.threads.EnhancedQueueExecutor
> $ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> at org.jboss.threads.EnhancedQueueExecutor
> $ThreadBody.run(EnhancedQueueExecutor.java:1378)
> at java.lang.Thread.run(Thread.java:748)
> at org.jboss.threads.JBossThread.run(JBossThread.java:485)
> Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to
> construct public
> org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
> at
> org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162)
> at
> org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2676)
> at
> org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:361)
> at
> org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:274)
> at
> org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:86)
> at
> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
> at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
> at
> io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
> at
> org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
> at
> io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
> at io.undertow.servlet.core.ManagedServlet
> $DefaultInstanceStrategy.start(ManagedServlet.java:300)
> at
> io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:140)
> at io.undertow.servlet.core.DeploymentManagerImpl
> $2.call(DeploymentManagerImpl.java:584)
> at io.undertow.servlet.core.DeploymentManagerImpl
> $2.call(DeploymentManagerImpl.java:555)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction
> $1.call(ServletRequestContextThreadSetupAction.java:42)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction
> $1.call(ContextClassLoaderSetupAction.java:43)
> at
> org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda
> $create$0(SecurityContextThreadSetupAction.java:105)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService
> $UndertowThreadSetupAction.lambda$create
> $0(UndertowDeploymentInfoService.java:1514)
> at
> io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:597)
> at
> org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentService
> $1.run(UndertowDeploymentService.java:78)
> ... 8 more
> Caused by: java.lang.RuntimeException: Failed to connect to database
> at
> org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:373)
> at
> org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
> at
> org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda
> $waitForLock$0(LiquibaseDBLockProvider.java:97)
> at
> org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:611)
> at
> org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
> at org.keycloak.services.resources.KeycloakApplication
> $1.run(KeycloakApplication.java:143)
> at
> org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
> at
> org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:136)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at
> org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
> ... 31 more
> Caused by: java.sql.SQLException: javax.resource.ResourceException:
> IJ000453: Unable to get managed connection for
> java:jboss/datasources/KeycloakDS
> at
> org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:146)
> at
> org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
> at
> org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:367)
> ... 43 more
> Caused by: javax.resource.ResourceException: IJ000453: Unable to get
> managed connection for java:jboss/datasources/KeycloakDS
> at
> org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:690)
> at
> org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:430)
> at
> org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
> at
> org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
> ... 45 more
> Caused by: javax.resource.ResourceException: IJ031084: Unable to create
> connection
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
> at
> org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1326)
> at
> org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
> at
> org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
> at
> org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
> at
> org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
> ... 48 more
> Caused by:
> com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException:
> Cannot load connection class because of underlying exception:
> 'java.lang.NumberFormatException: For input string: "tcp:"'.
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at com.mysql.jdbc.Util.handleNewInstance(Util.java:425)
> at com.mysql.jdbc.Util.getInstance(Util.java:408)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:919)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:898)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:887)
> at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:861)
> at
> com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:338)
> at
> org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
> ... 55 more
> Caused by: java.lang.NumberFormatException: For input string: "tcp:"
> at
> java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
> at java.lang.Integer.parseInt(Integer.java:580)
> at java.lang.Integer.parseInt(Integer.java:615)
> at
> com.mysql.jdbc.NonRegisteringDriver.port(NonRegisteringDriver.java:825)
> at
> com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:330)
> ... 56 more
>
> 22:47:05,250 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-2) ISPN000080: Disconnecting JGroups channel ejb
> 22:47:05,253 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-2) ISPN000080: Disconnecting JGroups channel ejb
> 22:47:05,254 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-3) ISPN000080: Disconnecting JGroups channel ejb
> 22:47:05,279 INFO [org.jboss.as.connector.subsystems.datasources] (MSC
> service thread 1-2) WFLYJCA0010: Unbound data source
> [java:jboss/datasources/KeycloakDS]
> 22:47:05,283 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-5) WFLYUT0008: Undertow AJP listener ajp suspending
> 22:47:05,284 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-2) WFLYUT0008: Undertow HTTPS listener https suspending
> 22:47:05,290 INFO [org.jboss.modcluster] (ServerService Thread Pool --
> 55) MODCLUSTER000002: Initiating mod_cluster shutdown
> 22:47:05,313 INFO [org.jboss.as.connector.subsystems.datasources] (MSC
> service thread 1-6) WFLYJCA0010: Unbound data source
> [java:jboss/datasources/ExampleDS]
> 22:47:05,313 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service
> thread 1-6) WFLYJCA0019: Stopped Driver service with driver-name = mysql
> 22:47:05,315 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-2) WFLYUT0007: Undertow HTTPS listener https stopped, was bound to
> 0.0.0.0:8443
> 22:47:05,320 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-5) WFLYUT0007: Undertow AJP listener ajp stopped, was bound to
> 0.0.0.0:8009
> 22:47:05,340 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-5) WFLYUT0019: Host default-host stopping
> 22:47:05,348 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service
> thread 1-3) WFLYJCA0019: Stopped Driver service with driver-name = h2
> 22:47:05,364 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 52) WFLYCLINF0003: Stopped offlineSessions cache from
> keycloak container
> 22:47:05,373 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 58) WFLYCLINF0003: Stopped realms cache from keycloak
> container
> 22:47:05,378 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 50) WFLYCLINF0003: Stopped users cache from keycloak
> container
> 22:47:05,379 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 61) WFLYCLINF0003: Stopped authorization cache from
> keycloak container
> 22:47:05,384 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 54) WFLYCLINF0003: Stopped keys cache from keycloak
> container
> 22:47:05,391 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 55) WFLYCLINF0003: Stopped client-mappings cache from ejb
> container
> 22:47:05,392 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-1) ISPN000080: Disconnecting JGroups channel ejb
> 22:47:05,400 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-3) WFLYUT0008: Undertow HTTP listener default suspending
> 22:47:05,401 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 60) WFLYCLINF0003: Stopped work cache from keycloak
> container
> 22:47:05,403 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 56) WFLYCLINF0003: Stopped sessions cache from keycloak
> container
> 22:47:05,404 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-3) WFLYUT0007: Undertow HTTP listener default stopped, was bound to
> 0.0.0.0:8080
> 22:47:05,407 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 53) WFLYCLINF0003: Stopped offlineClientSessions cache
> from keycloak container
> 22:47:05,407 INFO [org.wildfly.extension.undertow] (MSC service thread
> 1-6) WFLYUT0004: Undertow 2.0.9.Final stopping
> 22:47:05,407 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 57) WFLYCLINF0003: Stopped authenticationSessions cache
> from keycloak container
> 22:47:05,409 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 62) WFLYCLINF0003: Stopped actionTokens cache from
> keycloak container
> 22:47:05,413 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 51) WFLYCLINF0003: Stopped clientSessions cache from
> keycloak container
> 22:47:05,415 INFO [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 59) WFLYCLINF0003: Stopped loginFailures cache from
> keycloak container
> 22:47:05,440 INFO [org.jboss.as.clustering.infinispan] (MSC service
> thread 1-5) WFLYCLINF0003: Stopped authorizationRevisions cache from
> keycloak container
> 22:47:05,450 INFO [org.jboss.as.server.deployment] (MSC service thread
> 1-6) WFLYSRV0028: Stopped deployment keycloak-server.war (runtime-name:
> keycloak-server.war) in 277ms
> 22:47:05,454 INFO [org.jboss.as.clustering.infinispan] (MSC service
> thread 1-5) WFLYCLINF0003: Stopped realmRevisions cache from keycloak
> container
> 22:47:05,466 INFO [org.jboss.as.clustering.infinispan] (MSC service
> thread 1-5) WFLYCLINF0003: Stopped userRevisions cache from keycloak
> container
> 22:47:05,467 INFO
> [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC
> service thread 1-5) ISPN000080: Disconnecting JGroups channel ejb
>
>
>
>
> ------------------------------
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> End of keycloak-user Digest, Vol 58, Issue 8
> ********************************************
5 years, 6 months
- 1
- 0
Client Adapter and Clock Skew
by Mandera, Thomas [US] (TS)
I am using the Keycloak client adapter (Tomcat Valve) with Shibboleth as the IdP.
I have been encountering problems which I believe relate to clock-skew, which I'm unable to resolve externally (No amount of clock syncing between the IdP and the SP has been consistently good enough to avoid periodic problems, and I have limited ability to make further configuration changes).
Shibboleth sends the NOT-BEFORE time in the payload, and the Keycloak adapter dutifully honors that.
Occasionally the assertion arrives and the SP's clock is before the token is valid, and the user/token is rejected.
I believe this is in the order of several milliseconds, but even 1ms is enough for the Keycloak client to reject the assertion.
KEYCLOAK-4538<https://issues.jboss.org/browse/KEYCLOAK-4538> corrected this problem, but only for the JsonClient.
In 4.4.0, org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil.hasExpired() makes the call to XMLTimeUtil.isValid.
There is an alternate hasExpired() that takes in "clockSkewInMillis" but I don't see anything that calls that routine.
(org.keycloak.adapters.saml.profile.AbstractSamlAuthenticationHandler makes the call to AssertionUtil.hasExpired())
Am I missing where/how to configure the allowable clockskew for the client?
If I'm not, then I propose adding the clockSkewInMillis as an attribute to the IDP configuration in keycloak-saml.xml by adding to the XSD (should the XSD version number increment from 1.9 to 2.0 along the way?), adding it to the IDP object that represents the IDP configuration, and then within AbstractSamlAuthenticationHandler, we can retrieve the clockSkewInMillis from the SamlDeployment deployment object, and make the appropriate call (or, as I think the latest revisions with 4.5.0 do, initialize the allowable skew to 0 and update it when necessary - but I believe 4.5.0 still doesn't provide me with a method to SET the allowable clock skew)
Am I correct in my understanding that there is not currently a means to configure the allowable clock-skew-in-millis for the Tomcat (and others?) SAML client?
Thank you,
-Tom
5 years, 6 months
- 1
- 0
Deploying Keycloak with a Mysql database in Openshift Origin fails
by Christoph John
Hello together,
I am trying to get keycloak up and running with a mysql database in Openshift Origin (3.10) without success. As I have no idea anymore what could go wrong, I hope someone on the list can give me a helpful hint. So far I tried the following:
-The template from keycloak/openshift-examples/keycloak-https.json. Unfortunately, it does not work for me. To my understanding, when the keycloak pod is deployed, it does not find the mysql database and therefore fails, see attached log file. Unfortunately, I am quite new to openshift and have not understood yet, how the service discovery in Openshift works. When attaching a bash to the deployed keycloak pod, I can find the correct IP address of the mysql database service, for example in MYSQL_PORT=tcp://172.30.228.24:3306 <tcp://172.30.228.24:3306> . I have attached the full list of environment variables as well.
I also had a look into the keycloak sources. Under keycloak/server/tools/cli/databases/mysql/change-database.cl I have found the following line:
/subsystem=datasources/data-source=KeycloakDS: add(jndi-name=java:jboss/datasources/KeycloakDS,enabled=true,use-java-context=true,use-ccm=true, connection-url=jdbc:mysql://${env.DB_ADDR:mysql}:${env.DB_PORT:3306}/${env.DB_DATABASE:keycloak}${env.JDBC_PARAMS:}, driver-name=mysql)
But I have not understood yet from where the variable ${env.DB_ADDR:mysql} should come. At least I do not find a DB_ADDR field in my environment.
- My second attempt was therefore to use the container "jboss/keycloak-openshift“ from Dockerhub with Docker directly, in the hope to get more reasonable debugging information from the docker logs. For the mysql container I used the same container like is deployed from the mysql 5.7 template in Openshift. In both of the previous setups I manually configured a keyclock database scheme and granted privileges to the relevant user. With the following command line I got keycloak up and running smoothly.
docker run -d --name keycloak --net keycloak-network -e KEYCLOAK_USER=user -e KEYCLOAK_PASSWORD=pwd -e DB_VENDOR=MYSQL -e DB_ADDR=mysql -e DB_DATABASE=keycloak -e DB_USER=user -e DB_PASSWORD=pwd -e JDBC_PARAMS='useSSL=false' -p 8443:8443 jboss/keycloak-openshift start-keycloak.sh
I also checked the command line described on GitHub with the —link option mysql:mysql. This does also work.
Back in Openshift I tried to deploy Keycloak manually (Add to Project/ Deploy Image) and added the same environment variables (different variants with and without DB_ADDR) like in the above command line. Unfortunately, I still do not get things up and running. Still keycloak does not find the database on deployment. I do not know how I have to specify the DB_ADDR environment variable correctly or how I have to connect keycloak with the mysql service object alternatively. If I bind the service via its secret, I do not get a DB_ADDR environment variable at all. The closest thing to it is an environment variable called uri=mysql://172.30.228.24:3306 <mysql://172.30.228.24:3306>.
Would be great if someone could give me a hint here, what I am doing wrong, and how I could get keyclock up and running with a mysql database in Openshift Origin?
Thanks a lot for your help.
Best regards,
Christoph
———————————————————————————
Environment variables from keycloak pod whose deployment fails
JGROUPS_DISCOVERY_PROTOCOL=dns.DNS_PING
KEYCLOAK_PASSWORD=pwd
JDBC_MYSQL_VERSION=5.1.46
HOSTNAME=keycloak-2-6gtkj
SECURE_KEYCLOAK_SERVICE_PORT=8443
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT=tcp://172.30.0.1:443
TERM=xterm
SECURE_KEYCLOAK_PORT_8443_TCP=tcp://172.30.25.80:8443
KEYCLOAK_SERVICE_HOST=172.30.104.119
LAUNCH_JBOSS_IN_BACKGROUND=1
KUBERNETES_SERVICE_PORT=443
KUBERNETES_SERVICE_HOST=172.30.0.1
KUBERNETES_PORT_53_TCP=tcp://172.30.0.1:53
JBOSS_HOME=/opt/jboss/keycloak
JDBC_MARIADB_VERSION=2.2.3
KUBERNETES_PORT_53_TCP_PORT=53
KUBERNETES_PORT_53_UDP=udp://172.30.0.1:53
KUBERNETES_SERVICE_PORT_DNS=53
KEYCLOAK_PORT=tcp://172.30.104.119:8080
DB_VENDOR=MYSQL
MYSQL_PORT_3306_TCP_PORT=3306
KEYCLOAK_PORT_8080_TCP_PROTO=tcp
KUBERNETES_PORT_53_TCP_ADDR=172.30.0.1
MYSQL_PORT_3306_TCP=tcp://172.30.228.24:3306
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_53_UDP_ADDR=172.30.0.1
_=/usr/bin/env
PWD=/opt/jboss
SECURE_KEYCLOAK_SERVICE_HOST=172.30.25.80
JAVA_HOME=/usr/lib/jvm/java
JGROUPS_DISCOVERY_PROPERTIES=keycloak.imsproject.svc.cluster.local
MYSQL_SERVICE_PORT_MYSQL=3306
LANG=en_US.UTF-8
KUBERNETES_PORT_53_UDP_PORT=53
KEYCLOAK_VERSION=4.5.0.Final
KEYCLOAK_PORT_8080_TCP_PORT=8080
SECURE_KEYCLOAK_PORT=tcp://172.30.25.80:8443
JDBC_POSTGRES_VERSION=42.2.2
HOME=/
SHLVL=2
KEYCLOAK_PORT_8080_TCP=tcp://172.30.104.119:8080
KUBERNETES_PORT_53_UDP_PROTO=udp
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_SERVICE_PORT_HTTPS=443
MYSQL_PORT_3306_TCP_PROTO=tcp
KEYCLOAK_SERVICE_PORT=8080
SECURE_KEYCLOAK_PORT_8443_TCP_PORT=8443
MYSQL_PORT_3306_TCP_ADDR=172.30.228.24
MYSQL_SERVICE_PORT=3306
PROXY_ADDRESS_FORWARDING=false
KEYCLOAK_PORT_8080_TCP_ADDR=172.30.104.119
KUBERNETES_SERVICE_PORT_DNS_TCP=53
KUBERNETES_PORT_53_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP_ADDR=172.30.0.1
KEYCLOAK_USER=IMSUser
MYSQL_PORT=tcp://172.30.228.24:3306
KUBERNETES_PORT_443_TCP=tcp://172.30.0.1:443
SECURE_KEYCLOAK_PORT_8443_TCP_PROTO=tcp
MYSQL_SERVICE_HOST=172.30.228.24
SECURE_KEYCLOAK_PORT_8443_TCP_ADDR=172.30.25.80
//////////////////////////////////////////////////////////////////////////////////////////////////////
Log output from the failing keycloak pod
Added 'IMSUser' to '/opt/jboss/keycloak/standalone/configuration/keycloak-add-user.json', restart server to load user
-b 0.0.0.0
WARNING: MYSQL_PORT variable name is DEPRECATED replace with DB_PORT
=========================================================================
Using MySQL database
=========================================================================
22:46:32,107 INFO [org.jboss.modules] (CLI command executor) JBoss Modules version 1.8.5.Final
22:46:32,216 INFO [org.jboss.msc] (CLI command executor) JBoss MSC version 1.4.2.Final
22:46:32,235 INFO [org.jboss.threads] (CLI command executor) JBoss Threads version 2.3.2.Final
22:46:32,506 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0049: Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) starting
22:46:32,626 INFO [org.jboss.vfs] (MSC service thread 1-2) VFS000002: Failed to clean existing content for temp file provider of type temp. Enable DEBUG level log to find what caused this
22:46:34,920 INFO [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/core-service=management/management-interface=http-interface' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
22:46:34,971 INFO [org.wildfly.security] (Controller Boot Thread) ELY00001: WildFly Elytron version 1.3.3.Final
22:46:35,071 INFO [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/subsystem=undertow/server=default-server/https-listener=https' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
22:46:35,356 INFO [org.jboss.as.patching] (MSC service thread 1-2) WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches include: none
22:46:35,388 WARN [org.jboss.as.domain.management.security] (MSC service thread 1-6) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
22:46:35,554 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
22:46:35,560 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) started in 3435ms - Started 65 of 79 services (25 services are lazy, passive or on-demand)
The batch executed successfully
22:46:35,826 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0050: Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) stopped in 27ms
22:46:37,339 INFO [org.jboss.modules] (CLI command executor) JBoss Modules version 1.8.5.Final
22:46:37,420 INFO [org.jboss.msc] (CLI command executor) JBoss MSC version 1.4.2.Final
22:46:37,434 INFO [org.jboss.threads] (CLI command executor) JBoss Threads version 2.3.2.Final
22:46:37,662 INFO [org.jboss.as] (MSC service thread 1-2) WFLYSRV0049: Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) starting
22:46:37,772 INFO [org.jboss.vfs] (MSC service thread 1-1) VFS000002: Failed to clean existing content for temp file provider of type temp. Enable DEBUG level log to find what caused this
22:46:40,028 INFO [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/core-service=management/management-interface=http-interface' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
22:46:40,073 INFO [org.wildfly.security] (Controller Boot Thread) ELY00001: WildFly Elytron version 1.3.3.Final
22:46:40,167 INFO [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/subsystem=undertow/server=default-server/https-listener=https' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
22:46:40,456 INFO [org.jboss.as.patching] (MSC service thread 1-4) WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches include: none
22:46:40,515 WARN [org.jboss.as.domain.management.security] (MSC service thread 1-2) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
22:46:40,626 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
22:46:40,628 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) started in 3282ms - Started 65 of 84 services (30 services are lazy, passive or on-demand)
The batch executed successfully
22:46:40,897 INFO [org.jboss.as] (MSC service thread 1-4) WFLYSRV0050: Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) stopped in 18ms
Setting JGroups discovery to dns.DNS_PING with properties {keycloak.imsproject.svc.cluster.local}
=========================================================================
JBoss Bootstrap Environment
JBOSS_HOME: /opt/jboss/keycloak
JAVA: /usr/lib/jvm/java/bin/java
JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
=========================================================================
22:46:48,021 INFO [org.jboss.modules] (main) JBoss Modules version 1.8.5.Final
22:46:48,691 INFO [org.jboss.msc] (main) JBoss MSC version 1.4.2.Final
22:46:48,730 INFO [org.jboss.threads] (main) JBoss Threads version 2.3.2.Final
22:46:49,029 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0049: Keycloak 4.5.0.Final (WildFly Core 5.0.0.Final) starting
22:46:49,191 INFO [org.jboss.vfs] (MSC service thread 1-2) VFS000002: Failed to clean existing content for temp file provider of type temp. Enable DEBUG level log to find what caused this
22:46:51,823 INFO [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/core-service=management/management-interface=http-interface' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
22:46:51,874 INFO [org.wildfly.security] (ServerService Thread Pool -- 6) ELY00001: WildFly Elytron version 1.3.3.Final
22:46:51,968 INFO [org.jboss.as.controller.management-deprecated] (ServerService Thread Pool -- 25) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/subsystem=undertow/server=default-server/https-listener=https' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
22:46:52,270 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
22:46:52,349 INFO [org.xnio] (MSC service thread 1-4) XNIO version 3.6.3.Final
22:46:52,369 INFO [org.xnio.nio] (MSC service thread 1-4) XNIO NIO Implementation Version 3.6.3.Final
22:46:52,477 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 33) WFLYCLINF0001: Activating Infinispan subsystem.
22:46:52,585 INFO [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 28) WFLYJCA0004: Deploying JDBC-compliant driver class org.h2.Driver (version 1.4)
22:46:52,628 INFO [org.jboss.as.jaxrs] (ServerService Thread Pool -- 35) WFLYRS0016: RESTEasy version 3.5.1.Final
22:46:52,623 INFO [org.jboss.as.security] (ServerService Thread Pool -- 46) WFLYSEC0002: Activating Security Subsystem
22:46:52,567 INFO [org.jboss.as.naming] (ServerService Thread Pool -- 43) WFLYNAM0001: Activating Naming Subsystem
22:46:52,596 INFO [org.wildfly.extension.io] (ServerService Thread Pool -- 34) WFLYIO001: Worker 'default' has auto-configured to 6 core threads with 48 task threads based on your 3 available processors
22:46:52,575 INFO [org.jboss.as.ee] (ServerService Thread Pool -- 30) WFLYEE0119: The system property 'ee8.preview.mode' is NOT set to 'true'. For provided EE 8 APIs where the EE 8 version of the API differs from what is supported in EE 7, the EE 7 variant of the API will be used. Support for this setting will be removed once all EE 8 APIs are provided and certified.
22:46:52,608 WARN [org.jboss.as.txn] (ServerService Thread Pool -- 48) WFLYTX0013: The node-identifier attribute on the /subsystem=transactions is set to the default value. This is a danger for environments running multiple servers. Please make sure the attribute value is unique.
22:46:52,599 INFO [org.jboss.as.clustering.jgroups] (ServerService Thread Pool -- 37) WFLYCLJG0001: Activating JGroups subsystem. JGroups version 4.0.11
22:46:52,687 INFO [org.jboss.as.connector] (MSC service thread 1-4) WFLYJCA0009: Starting JCA Subsystem (WildFly/IronJacamar 1.4.9.Final)
22:46:52,743 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-3) WFLYJCA0018: Started Driver service with driver-name = h2
22:46:52,747 INFO [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 28) WFLYJCA0005: Deploying non-JDBC-compliant driver class com.mysql.jdbc.Driver (version 5.1)
22:46:52,770 INFO [org.jboss.as.security] (MSC service thread 1-3) WFLYSEC0001: Current PicketBox version=5.0.2.Final
22:46:52,789 INFO [org.jboss.remoting] (MSC service thread 1-5) JBoss Remoting version 5.0.7.Final
22:46:52,799 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0003: Undertow 2.0.9.Final starting
22:46:52,794 INFO [org.jboss.as.naming] (MSC service thread 1-6) WFLYNAM0003: Starting Naming Service
22:46:52,839 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-4) WFLYJCA0018: Started Driver service with driver-name = mysql
22:46:52,841 INFO [org.jboss.as.mail.extension] (MSC service thread 1-4) WFLYMAIL0001: Bound mail session [java:jboss/mail/Default]
22:46:53,208 INFO [org.jboss.as.ejb3] (MSC service thread 1-5) WFLYEJB0481: Strict pool slsb-strict-max-pool is using a max instance size of 48 (per class), which is derived from thread worker pool sizing.
22:46:53,208 INFO [org.jboss.as.ejb3] (MSC service thread 1-6) WFLYEJB0482: Strict pool mdb-strict-max-pool is using a max instance size of 12 (per class), which is derived from the number of CPUs on this host.
22:46:53,389 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 49) WFLYUT0014: Creating file handler for path '/opt/jboss/keycloak/welcome-content' with options [directory-listing: 'false', follow-symlink: 'false', case-sensitive: 'true', safe-symlink-paths: '[]']
22:46:53,414 INFO [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0012: Started server default-server.
22:46:53,442 INFO [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0018: Host default-host starting
22:46:53,679 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0006: Undertow HTTP listener default listening on 0.0.0.0:8080
22:46:53,681 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0006: Undertow AJP listener ajp listening on 0.0.0.0:8009
22:46:53,710 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 50) MODCLUSTER000001: Initializing mod_cluster version 1.3.9.Final
22:46:53,765 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 50) MODCLUSTER000032: Listening to proxy advertisements on /224.0.1.105:23364
22:46:53,944 INFO [org.jboss.as.ejb3] (MSC service thread 1-6) WFLYEJB0493: EJB subsystem suspension complete
22:46:54,216 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-4) WFLYJCA0001: Bound data source [java:jboss/datasources/ExampleDS]
22:46:54,217 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-5) WFLYJCA0001: Bound data source [java:jboss/datasources/KeycloakDS]
22:46:54,438 INFO [org.jboss.as.patching] (MSC service thread 1-4) WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches include: none
22:46:54,545 WARN [org.jboss.as.domain.management.security] (MSC service thread 1-4) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
22:46:54,623 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread 1-6) WFLYDS0013: Started FileSystemDeploymentService for directory /opt/jboss/keycloak/standalone/deployments
22:46:54,665 INFO [org.jboss.as.server.deployment] (MSC service thread 1-1) WFLYSRV0027: Starting deployment of "keycloak-server.war" (runtime-name: "keycloak-server.war")
22:46:55,185 INFO [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0006: Undertow HTTPS listener https listening on 0.0.0.0:8443
22:46:56,388 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 50) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max send buffer in the OS correctly (e.g. net.core.wmem_max on Linux)
22:46:56,389 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 50) JGRP000015: the receive buffer of socket MulticastSocket was set to 20.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max receive buffer in the OS correctly (e.g. net.core.rmem_max on Linux)
22:46:56,390 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 50) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max send buffer in the OS correctly (e.g. net.core.wmem_max on Linux)
22:46:56,391 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 50) JGRP000015: the receive buffer of socket MulticastSocket was set to 25.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max receive buffer in the OS correctly (e.g. net.core.rmem_max on Linux)
22:47:00,310 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-2) ISPN000078: Starting JGroups channel ejb
22:47:00,324 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-6) ISPN000078: Starting JGroups channel ejb
22:47:00,326 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000078: Starting JGroups channel ejb
22:47:00,336 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000078: Starting JGroups channel ejb
22:47:00,336 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-3) ISPN000078: Starting JGroups channel ejb
22:47:00,377 INFO [org.infinispan.CLUSTER] (MSC service thread 1-3) ISPN000094: Received new cluster view for channel ejb: [keycloak-2-6gtkj|0] (1) [keycloak-2-6gtkj]
22:47:00,370 INFO [org.infinispan.CLUSTER] (MSC service thread 1-2) ISPN000094: Received new cluster view for channel ejb: [keycloak-2-6gtkj|0] (1) [keycloak-2-6gtkj]
22:47:00,379 INFO [org.infinispan.CLUSTER] (MSC service thread 1-1) ISPN000094: Received new cluster view for channel ejb: [keycloak-2-6gtkj|0] (1) [keycloak-2-6gtkj]
22:47:00,378 INFO [org.infinispan.CLUSTER] (MSC service thread 1-6) ISPN000094: Received new cluster view for channel ejb: [keycloak-2-6gtkj|0] (1) [keycloak-2-6gtkj]
22:47:00,378 INFO [org.infinispan.CLUSTER] (MSC service thread 1-4) ISPN000094: Received new cluster view for channel ejb: [keycloak-2-6gtkj|0] (1) [keycloak-2-6gtkj]
22:47:00,399 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-6) ISPN000079: Channel ejb local address is keycloak-2-6gtkj, physical addresses are [10.128.1.109:55200]
22:47:00,405 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000079: Channel ejb local address is keycloak-2-6gtkj, physical addresses are [10.128.1.109:55200]
22:47:00,412 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000079: Channel ejb local address is keycloak-2-6gtkj, physical addresses are [10.128.1.109:55200]
22:47:00,416 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-2) ISPN000079: Channel ejb local address is keycloak-2-6gtkj, physical addresses are [10.128.1.109:55200]
22:47:00,461 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-3) ISPN000079: Channel ejb local address is keycloak-2-6gtkj, physical addresses are [10.128.1.109:55200]
22:47:00,415 INFO [org.infinispan.factories.GlobalComponentRegistry] (MSC service thread 1-4) ISPN000128: Infinispan version: Infinispan 'Gaina' 9.2.4.Final
22:47:01,446 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 61) WFLYCLINF0002: Started keys cache from keycloak container
22:47:01,531 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 59) WFLYCLINF0002: Started users cache from keycloak container
22:47:01,532 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 58) WFLYCLINF0002: Started realms cache from keycloak container
22:47:01,533 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 54) WFLYCLINF0002: Started authorization cache from keycloak container
22:47:01,692 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 57) WFLYCLINF0002: Started actionTokens cache from keycloak container
22:47:01,698 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 52) WFLYCLINF0002: Started offlineSessions cache from keycloak container
22:47:01,703 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 55) WFLYCLINF0002: Started offlineClientSessions cache from keycloak container
22:47:01,707 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started clientSessions cache from keycloak container
22:47:01,717 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 56) WFLYCLINF0002: Started work cache from keycloak container
22:47:01,720 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 51) WFLYCLINF0002: Started sessions cache from keycloak container
22:47:01,723 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0002: Started client-mappings cache from ejb container
22:47:01,736 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 50) WFLYCLINF0002: Started authenticationSessions cache from keycloak container
22:47:01,737 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 53) WFLYCLINF0002: Started loginFailures cache from keycloak container
22:47:03,105 INFO [org.keycloak.services] (ServerService Thread Pool -- 50) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
22:47:04,201 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 50) WFLYCLINF0002: Started realmRevisions cache from keycloak container
22:47:04,214 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 50) WFLYCLINF0002: Started userRevisions cache from keycloak container
22:47:04,263 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 50) WFLYCLINF0002: Started authorizationRevisions cache from keycloak container
22:47:04,268 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (ServerService Thread Pool -- 50) Node name: keycloak-2-6gtkj, Site name: null
22:47:05,132 WARN [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (ServerService Thread Pool -- 50) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: IJ031084: Unable to create connection
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1326)
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:430)
at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
at org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:367)
at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda$waitForLock$0(LiquibaseDBLockProvider.java:97)
at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:611)
at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:143)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:136)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2676)
at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:361)
at org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:274)
at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:86)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:300)
at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:140)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:584)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:555)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:597)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
at java.lang.Thread.run(Thread.java:748)
at org.jboss.threads.JBossThread.run(JBossThread.java:485)
Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Cannot load connection class because of underlying exception: 'java.lang.NumberFormatException: For input string: "tcp:"'.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:425)
at com.mysql.jdbc.Util.getInstance(Util.java:408)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:919)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:898)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:887)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:861)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:338)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
... 55 more
Caused by: java.lang.NumberFormatException: For input string: "tcp:"
at java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.lang.Integer.parseInt(Integer.java:580)
at java.lang.Integer.parseInt(Integer.java:615)
at com.mysql.jdbc.NonRegisteringDriver.port(NonRegisteringDriver.java:825)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:330)
... 56 more
22:47:05,168 INFO [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server shutdown has been requested via an OS signal
22:47:05,177 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 50) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
at java.lang.Thread.run(Thread.java:748)
at org.jboss.threads.JBossThread.run(JBossThread.java:485)
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162)
at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2676)
at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:361)
at org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:274)
at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:86)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:300)
at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:140)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:584)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:555)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1514)
at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:597)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
... 8 more
Caused by: java.lang.RuntimeException: Failed to connect to database
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:373)
at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda$waitForLock$0(LiquibaseDBLockProvider.java:97)
at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:611)
at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:143)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:136)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
... 31 more
Caused by: java.sql.SQLException: javax.resource.ResourceException: IJ000453: Unable to get managed connection for java:jboss/datasources/KeycloakDS
at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:146)
at org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:367)
... 43 more
Caused by: javax.resource.ResourceException: IJ000453: Unable to get managed connection for java:jboss/datasources/KeycloakDS
at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:690)
at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:430)
at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
... 45 more
Caused by: javax.resource.ResourceException: IJ031084: Unable to create connection
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1326)
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
... 48 more
Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Cannot load connection class because of underlying exception: 'java.lang.NumberFormatException: For input string: "tcp:"'.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:425)
at com.mysql.jdbc.Util.getInstance(Util.java:408)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:919)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:898)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:887)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:861)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:338)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
... 55 more
Caused by: java.lang.NumberFormatException: For input string: "tcp:"
at java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.lang.Integer.parseInt(Integer.java:580)
at java.lang.Integer.parseInt(Integer.java:615)
at com.mysql.jdbc.NonRegisteringDriver.port(NonRegisteringDriver.java:825)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:330)
... 56 more
22:47:05,250 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-2) ISPN000080: Disconnecting JGroups channel ejb
22:47:05,253 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-2) ISPN000080: Disconnecting JGroups channel ejb
22:47:05,254 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-3) ISPN000080: Disconnecting JGroups channel ejb
22:47:05,279 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-2) WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS]
22:47:05,283 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0008: Undertow AJP listener ajp suspending
22:47:05,284 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0008: Undertow HTTPS listener https suspending
22:47:05,290 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 55) MODCLUSTER000002: Initiating mod_cluster shutdown
22:47:05,313 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-6) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
22:47:05,313 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-6) WFLYJCA0019: Stopped Driver service with driver-name = mysql
22:47:05,315 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0007: Undertow HTTPS listener https stopped, was bound to 0.0.0.0:8443
22:47:05,320 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0007: Undertow AJP listener ajp stopped, was bound to 0.0.0.0:8009
22:47:05,340 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0019: Host default-host stopping
22:47:05,348 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-3) WFLYJCA0019: Stopped Driver service with driver-name = h2
22:47:05,364 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 52) WFLYCLINF0003: Stopped offlineSessions cache from keycloak container
22:47:05,373 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 58) WFLYCLINF0003: Stopped realms cache from keycloak container
22:47:05,378 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 50) WFLYCLINF0003: Stopped users cache from keycloak container
22:47:05,379 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 61) WFLYCLINF0003: Stopped authorization cache from keycloak container
22:47:05,384 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 54) WFLYCLINF0003: Stopped keys cache from keycloak container
22:47:05,391 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 55) WFLYCLINF0003: Stopped client-mappings cache from ejb container
22:47:05,392 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000080: Disconnecting JGroups channel ejb
22:47:05,400 INFO [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0008: Undertow HTTP listener default suspending
22:47:05,401 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0003: Stopped work cache from keycloak container
22:47:05,403 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 56) WFLYCLINF0003: Stopped sessions cache from keycloak container
22:47:05,404 INFO [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0007: Undertow HTTP listener default stopped, was bound to 0.0.0.0:8080
22:47:05,407 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 53) WFLYCLINF0003: Stopped offlineClientSessions cache from keycloak container
22:47:05,407 INFO [org.wildfly.extension.undertow] (MSC service thread 1-6) WFLYUT0004: Undertow 2.0.9.Final stopping
22:47:05,407 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 57) WFLYCLINF0003: Stopped authenticationSessions cache from keycloak container
22:47:05,409 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0003: Stopped actionTokens cache from keycloak container
22:47:05,413 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 51) WFLYCLINF0003: Stopped clientSessions cache from keycloak container
22:47:05,415 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 59) WFLYCLINF0003: Stopped loginFailures cache from keycloak container
22:47:05,440 INFO [org.jboss.as.clustering.infinispan] (MSC service thread 1-5) WFLYCLINF0003: Stopped authorizationRevisions cache from keycloak container
22:47:05,450 INFO [org.jboss.as.server.deployment] (MSC service thread 1-6) WFLYSRV0028: Stopped deployment keycloak-server.war (runtime-name: keycloak-server.war) in 277ms
22:47:05,454 INFO [org.jboss.as.clustering.infinispan] (MSC service thread 1-5) WFLYCLINF0003: Stopped realmRevisions cache from keycloak container
22:47:05,466 INFO [org.jboss.as.clustering.infinispan] (MSC service thread 1-5) WFLYCLINF0003: Stopped userRevisions cache from keycloak container
22:47:05,467 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-5) ISPN000080: Disconnecting JGroups channel ejb
5 years, 6 months
- 1
- 0
Add Display Name in Client Authorization Resources and Scopes Pages
by Brian Brooks (US)
Are there any plans to add the Display Name column to the client authorization "Resources" page and "Authorization Scopes" page?
Right now, when the Display Name is set, it doesn't seem to be used for anything. We'd like our customer's to have a "friendly" Display Name while we set the resource "Name" and scope "Name" fields to more programmatic-oriented identifiers.
Is there an existing JIRA requesting this change?
I saw this mailing list post that seem to be related:
"On Fri Nov 3 03:37:27 EDT 2017, Stian Thorgersen wrote:
> BTW, Why do you display the "name" value on the screen instead of the
> display name value? Not a critical issue, but a noted quirk.
Probably just wasn't updated when we added display name field as originally
we only had the name. JIRA/PR welcome ;)"
http://lists.jboss.org/pipermail/keycloak-user/2017-November/012164.html
Brian Brooks
Sr Software Engineer
Brian.Brooks(a)datapath.com
Office: +1 678 252 4498
2205 Northmont Pkwy, STE 100
Duluth, GA 30096
This email and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains information that is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
5 years, 6 months
- 1
- 0
Why no Mapper Type -> User Client Role with SAML clients?
by Adrien DESBIAUX
Hi there,
It may have been asked already, but I cannot find it in keycloak-user email history and threads.
So, I was wondering why it was not possible to have a mapper of type "User Client Role" with a SAML client. Only Role list is available but then it is also including realm roles which is a bit noisy.
Thank you in advance for your time replying to that email.
Cheers!
5 years, 6 months
- 1
- 0
Role for managing, but not deleting users in Admin Console
by Markus
Hi,
We need to give a user group permission to manage local Keycloak users
on certain realms using the Admin Console.
When using the manage-users role, the group members are able to manage
AND delete users. But they should just be able to manage users or
carry out administrative tasks, not to delete users.
How can I achieve this?
Thanks,
--Markus
5 years, 6 months
- 1
- 0
Securing a REST API Along Side SAML
by Caleb McHenry
I have a web app that makes REST calls to various servers (all of which I
have control of).
I have a requirement to secure my web app with SAML using keycloak (which I
have been able to do). Now I want to secure my REST APIs. After doing some
digging into the Keycloak docs and the mailing list it appears that I
should use the SAML assertion to get an OAtuh2 token (since it appears
using ECP is ill-advised). My understanding is that I cannot get a username
and it's roles from Keycloak by giving it a SAML assertion.
So does this mean I need to keep track of active sessions and the users and
roles they correspond to? This seems like a bad idea to me because it could
easily become out of sync with Keycloak.
I understand I can get the username and roles from the intial login
assertion, but I would think I would want my REST APIs to verify the
requester is who they say they are. Please correct me if I am over looking
or misunderstanding something. But if anyone has suggestions they would be
appreciated.
Thanks, Caleb
5 years, 6 months
- 1
- 0
difference between the x509 Client Certificate authentication and X509 Client Authenticator
by Meissa M'baye Sakho
Hello Everyone,
I'm wondering about the difference between the newly released featureX509
Client Authenticator in the 4.3 version and the x509 Client *Certificate*
Authentication that has been released for a while.
I know that the x509 Client *Certificate* Authentication when enabled will
allow user to authenticate upon a client certificate. They will then don't
need to give a login/password.
But I don't see the x509 Client Authentication description somewhere.
Any input?
Regards,
5 years, 6 months
- 2
- 2