March 2018 - keycloak-user - Jboss List Archives

Authenticating to a client with another client's service account

by Paolo Tedesco

Hi all, I have registered two clients in my Keycloak, one is an API (ID = client_api) and another is a confidential client (ID = confidential_client), which is a standalone application that should access the API with its own credentials. I've set the access type of both API and application to "confidential". >From the application, I obtain a token with a POST to https://keycloak-server/auth/realms/master/protocol/openid-connect/token with these parameters: client_id = confidential_client client_secret = <confidential client secret> grant_type = client_credentials >From this, I obtain a token, that looks like this: { "access_token": "eyJhbG...Z0qmQ" // other stuff } Then, I try to call my API with an authentication header with Bearer = "eyJhbG...Z0qmQ" (the accesss_token from previous step) However, this does not seem to work, and the API acts like the user is not authenticated. Any idea of what I'm doing wrong? Thanks, Paolo

8 years

1
0
0 / 0

Setting up rights in admin UI

by Hammarberg, Daniel

Hi all, I have spent hours and hours trying to get this to work. Now I turn to you, hoping that you will be able to help me out. We have imported a large number of users from our current SSO solution into Keycloak. In the admin UI, we want to limit which client roles certain users should be allowed to set. For example, we have the user group Swedish Content Managers. These users should only be allowed to use the admin UI for listing users and for setting or removing the role Swedish Authirized Distributor. I have spent hours and hours trying to set this up with the instructions in the documentation, but have not managed to get it to work all the way. Many thanks /Daniel _______________________________________________________________________ [Email_CBE.gif]Daniel Hammarberg Managing Delivery Architect | Application Services Capgemini Sweden www.capgemini.com<http://www.capgemini.com/> ________________________________ Capgemini is a trading name used by the Capgemini Group of companies which includes Capgemini Sverige AB, a company registered in Sweden (number 556092-3053) whose registered office is at Gustavslundsvägen 131 Box 825 – S-161 24 Bromma. This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.

8 years

1
0
0 / 0

Really slow import of large amount of users

by Erdal, Jonatan

Hi, We are trying to migrate data from our old login solution to Keycloak, but we are facing issues with really slow imports. We are trying to do the import at server startup, as stated here: https://www.keycloak.org/docs/2.5/server_admin/topics/export-import.html. We are using directory import, and we have 50 users/file. When initiating the import, it is roughly importing 2 files/minute, and this gets slower the more users we have imported. After 2 hrs, we have successfully imported 88 files, 4400 users. Here is some more details: · Number of users: 174 000 · Number of realms: 1 · Number of clients: ~5 o One of the clients is the main client, this has approx. 9400 client roles. · Number of groups in realm: ~400 File structure: Master-realm.json Master-users-0.json Kangaroo-realm.json Kangaroo-users-0.json Kangaroo-users-1.json … Kangaroo-users-3434.json Kangaroo-users-3435.json We have also increase the subsystem transaction timeout to 1800 seconds, and at server startup we are also increasing the jboss.as.management.blocking.timeout and setting it to a high number. Apart from users being slow to import, the realm also takes quite some time to import, 10 minutes, I’m guessing this is due to all the client roles we have. In the logs, I cannot see anything that looks super suspicious. At one time, we got the following logs, but then it continues on as before: 2018-03-22 21:29:14,993 WARN [com.arjuna.ats.arjuna] (Transaction Reaper) ARJUNA012117: TransactionReaper::check timeout for TX 0:ffffac1004f5:701f6ef0:5ab40b08:10 in state RUN 2018-03-22 21:29:14,993 WARN [org.hibernate.resource.transaction.backend.jta.internal.synchronization.SynchronizationCallbackCoordinatorTrackingImpl] (Transaction Reaper Worker 0) HHH000451: Transaction afterCompletion called by a background thread; delaying afterCompletion processing until the original thread can handle it. [status=4] 2018-03-22 21:29:15,039 WARN [org.hibernate.resource.transaction.backend.jta.internal.synchronization.SynchronizationCallbackCoordinatorTrackingImpl] (Transaction Reaper Worker 0) HHH000451: Transaction afterCompletion called by a background thread; delaying afterCompletion processing until the original thread can handle it. [status=4] [… I have removed about 30 identical entries for readability here …] 2018-03-22 21:29:15,039 WARN [org.hibernate.resource.transaction.backend.jta.internal.synchronization.SynchronizationCallbackCoordinatorTrackingImpl] (Transaction Reaper Worker 0) HHH000451: Transaction afterCompletion called by a background thread; delaying afterCompletion processing until the original thread can handle it. [status=4] 2018-03-22 21:29:15,039 WARN [com.arjuna.ats.arjuna] (Transaction Reaper Worker 0) ARJUNA012121: TransactionReaper::doCancellations worker Thread[Transaction Reaper Worker 0,5,main] successfully canceled TX 0:ffffac1004f5:701f6ef0:5ab40b08:10 Does anyone have any idea why it is so slow, is there anything we can do to speed up the process? Please let me know if you need any more information. Thanks in advance, //Jonatan ________________________________ Capgemini is a trading name used by the Capgemini Group of companies which includes Capgemini Sverige AB, a company registered in Sweden (number 556092-3053) whose registered office is at Gustavslundsvägen 131 Box 825 – S-161 24 Bromma. This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.

8 years

1
0
0 / 0

Infinispan: Custom Keycloak UserStorageProvider throws NotSerializableException in ha-clustered mode

by Dominik Guhr

Hi everyone, so I'm on kc 3.4.3.Final and running a custom UserStorageProvider ("MyAppUserStorage" below) based on the github example jpa storage provider. It's all working well in dev-environment, which is not clustered. But in my clustered production-kc-environment (using standalone-ha, 2 nodes), the exception below is thrown. Seems like it has no effect, though, I can successfully use the app, even stop one node and everythings working fine. Now these logentries are at least annoying and I want to know whats happening here, so I hope someone could help me out. Do I have to make some classes @Serializable or something? (e.g. UserAdapter.java?) to work correctly in clustered mode? Would be great to get some help here! If you need more information or code, feel free to ask :) Best regards, Dominik Log: 2018-03-08 14:38:21,220 ERROR [org.infinispan.remoting.rpc.RpcManagerImpl] (default task-14) ISPN000073: Unexpected error while replicating: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@304e0b06 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60c 2018-03-08 14:38:21,220 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-14) ISPN000136: Error executing command PrepareCommand, writing keys [UUIDSessionID [3cf91933-4a12-4dd1-8454-c77a31fdd607], UUIDSessionID [3cf91933-4a12-4dd1-8454-c77a31fdd607]]: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@304e0b06 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60c 2018-03-08 14:38:21,220 ERROR [org.infinispan.transaction.impl.TransactionCoordinator] (default task-14) ISPN000097: Error while processing a prepare in a single-phase transaction: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@304e0b06 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60c 2018-03-08 14:38:21,221 WARN [org.infinispan.transaction.tm.DummyTransaction] (default task-14) ISPN000112: exception while committing: javax.transaction.xa.XAException at org.infinispan.transaction.impl.TransactionCoordinator.handleCommitFailure(TransactionCoordinator.java:213) at org.infinispan.transaction.impl.TransactionCoordinator.commit(TransactionCoordinator.java:159) at org.infinispan.transaction.xa.TransactionXaAdapter.commit(TransactionXaAdapter.java:114) at org.infinispan.transaction.tm.DummyTransaction.finishResource(DummyTransaction.java:401) at org.infinispan.transaction.tm.DummyTransaction.commitResources(DummyTransaction.java:448) at org.infinispan.transaction.tm.DummyTransaction.runCommit(DummyTransaction.java:321) at org.infinispan.transaction.tm.DummyTransaction.commit(DummyTransaction.java:108) at org.wildfly.clustering.ee.infinispan.InfinispanBatch.close(InfinispanBatch.java:97) at org.jboss.as.ejb3.cache.distributable.DistributableCache.release(DistributableCache.java:154) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.releaseInstance(StatefulSessionSynchronizationInterceptor.java:200) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.handleAfterCompletion(StatefulSessionSynchronizationInterceptor.java:287) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor$StatefulSessionSynchronization.afterCompletion(StatefulSessionSynchronizationInterceptor.java:260) at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.afterCompletion(JCAOrderedLastSynchronizationList.java:147) at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:196) at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.afterCompletion(AbstractTransaction.java:279) at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.afterCompletion(SynchronizationImple.java:96) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.afterCompletion(TwoPhaseCoordinator.java:542) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:101) at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162) at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1289) at com.arjuna.ats.internal.jta.transaction.arjunacore.BaseTransaction.commit(BaseTransaction.java:126) at com.arjuna.ats.jbossatx.BaseTransactionManagerDelegate.commit(BaseTransactionManagerDelegate.java:89) at org.wildfly.transaction.client.LocalTransaction.commitAndDissociate(LocalTransaction.java:73) at org.wildfly.transaction.client.ContextTransactionManager.commit(ContextTransactionManager.java:71) at org.keycloak.transaction.JtaTransactionWrapper.commit(JtaTransactionWrapper.java:92) at org.keycloak.services.DefaultKeycloakTransactionManager.commit(DefaultKeycloakTransactionManager.java:136) at org.keycloak.services.filters.KeycloakTransactionCommitter.filter(KeycloakTransactionCommitter.java:43) at org.jboss.resteasy.core.ServerResponseWriter.executeFilters(ServerResponseWriter.java:165) at org.jboss.resteasy.core.ServerResponseWriter.writeNomapResponse(ServerResponseWriter.java:87) at org.jboss.resteasy.core.SynchronousDispatcher.writeResponse(SynchronousDispatcher.java:477) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:426) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:213) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:228) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:326) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:812) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@304e0b06 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60c 2018-03-08 14:38:21,222 WARN [org.jboss.as.txn] (default task-14) WFLYTX0027: The pre-jca synchronization org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor$StatefulSessionSynchronization@57f2b0a6 associated with tx TransactionImple < ac, BasicAction: 0:ffff0a7f0895:-364bcb73:5a9d46fe:5906 status: ActionStatus.COMMITTED > failed during after completion: org.infinispan.commons.CacheException: javax.transaction.HeuristicRollbackException at org.wildfly.clustering.ee.infinispan.InfinispanBatch.close(InfinispanBatch.java:102) at org.jboss.as.ejb3.cache.distributable.DistributableCache.release(DistributableCache.java:154) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.releaseInstance(StatefulSessionSynchronizationInterceptor.java:200) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.handleAfterCompletion(StatefulSessionSynchronizationInterceptor.java:287) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor$StatefulSessionSynchronization.afterCompletion(StatefulSessionSynchronizationInterceptor.java:260) at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.afterCompletion(JCAOrderedLastSynchronizationList.java:147) at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:196) at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.afterCompletion(AbstractTransaction.java:279) at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.afterCompletion(SynchronizationImple.java:96) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.afterCompletion(TwoPhaseCoordinator.java:542) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:101) at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162) at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1289) at com.arjuna.ats.internal.jta.transaction.arjunacore.BaseTransaction.commit(BaseTransaction.java:126) at com.arjuna.ats.jbossatx.BaseTransactionManagerDelegate.commit(BaseTransactionManagerDelegate.java:89) at org.wildfly.transaction.client.LocalTransaction.commitAndDissociate(LocalTransaction.java:73) at org.wildfly.transaction.client.ContextTransactionManager.commit(ContextTransactionManager.java:71) at org.keycloak.transaction.JtaTransactionWrapper.commit(JtaTransactionWrapper.java:92) at org.keycloak.services.DefaultKeycloakTransactionManager.commit(DefaultKeycloakTransactionManager.java:136) at org.keycloak.services.filters.KeycloakTransactionCommitter.filter(KeycloakTransactionCommitter.java:43) at org.jboss.resteasy.core.ServerResponseWriter.executeFilters(ServerResponseWriter.java:165) at org.jboss.resteasy.core.ServerResponseWriter.writeNomapResponse(ServerResponseWriter.java:87) at org.jboss.resteasy.core.SynchronousDispatcher.writeResponse(SynchronousDispatcher.java:477) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:426) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:213) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:228) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:326) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:812) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: javax.transaction.HeuristicRollbackException at org.infinispan.transaction.tm.DummyTransaction.finishResource(DummyTransaction.java:433) at org.infinispan.transaction.tm.DummyTransaction.commitResources(DummyTransaction.java:448) at org.infinispan.transaction.tm.DummyTransaction.runCommit(DummyTransaction.java:321) at org.infinispan.transaction.tm.DummyTransaction.commit(DummyTransaction.java:108) at org.wildfly.clustering.ee.infinispan.InfinispanBatch.close(InfinispanBatch.java:97) ... 71 more Caused by: javax.transaction.xa.XAException at org.infinispan.transaction.impl.TransactionCoordinator.handleCommitFailure(TransactionCoordinator.java:213) at org.infinispan.transaction.impl.TransactionCoordinator.commit(TransactionCoordinator.java:159) at org.infinispan.transaction.xa.TransactionXaAdapter.commit(TransactionXaAdapter.java:114) at org.infinispan.transaction.tm.DummyTransaction.finishResource(DummyTransaction.java:401) ... 75 more Caused by: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@304e0b06 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60c 2018-03-08 14:38:21,226 ERROR [org.infinispan.remoting.rpc.RpcManagerImpl] (default task-14) ISPN000073: Unexpected error while replicating: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@1e32e6c3 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60e 2018-03-08 14:38:21,226 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-14) ISPN000136: Error executing command PrepareCommand, writing keys [UUIDSessionID [3cf91933-4a12-4dd1-8454-c77a31fdd607], UUIDSessionID [3cf91933-4a12-4dd1-8454-c77a31fdd607]]: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@1e32e6c3 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60e 2018-03-08 14:38:21,226 ERROR [org.infinispan.transaction.impl.TransactionCoordinator] (default task-14) ISPN000097: Error while processing a prepare in a single-phase transaction: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@1e32e6c3 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60e 2018-03-08 14:38:21,227 WARN [org.infinispan.transaction.tm.DummyTransaction] (default task-14) ISPN000112: exception while committing: javax.transaction.xa.XAException at org.infinispan.transaction.impl.TransactionCoordinator.handleCommitFailure(TransactionCoordinator.java:213) at org.infinispan.transaction.impl.TransactionCoordinator.commit(TransactionCoordinator.java:159) at org.infinispan.transaction.xa.TransactionXaAdapter.commit(TransactionXaAdapter.java:114) at org.infinispan.transaction.tm.DummyTransaction.finishResource(DummyTransaction.java:401) at org.infinispan.transaction.tm.DummyTransaction.commitResources(DummyTransaction.java:448) at org.infinispan.transaction.tm.DummyTransaction.runCommit(DummyTransaction.java:321) at org.infinispan.transaction.tm.DummyTransaction.commit(DummyTransaction.java:108) at org.wildfly.clustering.ee.infinispan.InfinispanBatch.close(InfinispanBatch.java:97) at org.jboss.as.ejb3.cache.distributable.DistributableCache.release(DistributableCache.java:154) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.releaseInstance(StatefulSessionSynchronizationInterceptor.java:200) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.handleAfterCompletion(StatefulSessionSynchronizationInterceptor.java:287) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor$StatefulSessionSynchronization.afterCompletion(StatefulSessionSynchronizationInterceptor.java:260) at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.afterCompletion(JCAOrderedLastSynchronizationList.java:147) at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:196) at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.afterCompletion(AbstractTransaction.java:279) at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.afterCompletion(SynchronizationImple.java:96) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.afterCompletion(TwoPhaseCoordinator.java:542) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:101) at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162) at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1289) at com.arjuna.ats.internal.jta.transaction.arjunacore.BaseTransaction.commit(BaseTransaction.java:126) at com.arjuna.ats.jbossatx.BaseTransactionManagerDelegate.commit(BaseTransactionManagerDelegate.java:89) at org.wildfly.transaction.client.LocalTransaction.commitAndDissociate(LocalTransaction.java:73) at org.wildfly.transaction.client.ContextTransactionManager.commit(ContextTransactionManager.java:71) at org.jboss.as.ejb3.tx.CMTTxInterceptor.endTransaction(CMTTxInterceptor.java:92) at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:279) at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:332) at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:240) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438) at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:609) at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53) at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198) at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:185) at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:81) at my.app.de.keycloak.MyAppUserStorage$$$view1.close(Unknown Source) at org.keycloak.services.DefaultKeycloakSession.close(DefaultKeycloakSession.java:265) at org.keycloak.services.filters.KeycloakSessionServletFilter.closeSession(KeycloakSessionServletFilter.java:130) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:95) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:326) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:812) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@1e32e6c3 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60e 2018-03-08 14:38:21,238 WARN [org.jboss.as.txn] (default task-14) WFLYTX0027: The pre-jca synchronization org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor$StatefulSessionSynchronization@32861c5f associated with tx TransactionImple < ac, BasicAction: 0:ffff0a7f0895:-364bcb73:5a9d46fe:590c status: ActionStatus.COMMITTED > failed during after completion: org.infinispan.commons.CacheException: javax.transaction.HeuristicRollbackException at org.wildfly.clustering.ee.infinispan.InfinispanBatch.close(InfinispanBatch.java:102) at org.jboss.as.ejb3.cache.distributable.DistributableCache.release(DistributableCache.java:154) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.releaseInstance(StatefulSessionSynchronizationInterceptor.java:200) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor.handleAfterCompletion(StatefulSessionSynchronizationInterceptor.java:287) at org.jboss.as.ejb3.component.stateful.StatefulSessionSynchronizationInterceptor$StatefulSessionSynchronization.afterCompletion(StatefulSessionSynchronizationInterceptor.java:260) at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.afterCompletion(JCAOrderedLastSynchronizationList.java:147) at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:196) at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.afterCompletion(AbstractTransaction.java:279) at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.afterCompletion(SynchronizationImple.java:96) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.afterCompletion(TwoPhaseCoordinator.java:542) at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:101) at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162) at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1289) at com.arjuna.ats.internal.jta.transaction.arjunacore.BaseTransaction.commit(BaseTransaction.java:126) at com.arjuna.ats.jbossatx.BaseTransactionManagerDelegate.commit(BaseTransactionManagerDelegate.java:89) at org.wildfly.transaction.client.LocalTransaction.commitAndDissociate(LocalTransaction.java:73) at org.wildfly.transaction.client.ContextTransactionManager.commit(ContextTransactionManager.java:71) at org.jboss.as.ejb3.tx.CMTTxInterceptor.endTransaction(CMTTxInterceptor.java:92) at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:279) at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:332) at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:240) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438) at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:609) at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57) at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422) at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53) at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198) at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:185) at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:81) at my.app.de.keycloak.MyAppUserStorage$$$view1.close(Unknown Source) at org.keycloak.services.DefaultKeycloakSession.close(DefaultKeycloakSession.java:265) at org.keycloak.services.filters.KeycloakSessionServletFilter.closeSession(KeycloakSessionServletFilter.java:130) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:95) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:326) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:812) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: javax.transaction.HeuristicRollbackException at org.infinispan.transaction.tm.DummyTransaction.finishResource(DummyTransaction.java:433) at org.infinispan.transaction.tm.DummyTransaction.commitResources(DummyTransaction.java:448) at org.infinispan.transaction.tm.DummyTransaction.runCommit(DummyTransaction.java:321) at org.infinispan.transaction.tm.DummyTransaction.commit(DummyTransaction.java:108) at org.wildfly.clustering.ee.infinispan.InfinispanBatch.close(InfinispanBatch.java:97) ... 91 more Caused by: javax.transaction.xa.XAException at org.infinispan.transaction.impl.TransactionCoordinator.handleCommitFailure(TransactionCoordinator.java:213) at org.infinispan.transaction.impl.TransactionCoordinator.commit(TransactionCoordinator.java:159) at org.infinispan.transaction.xa.TransactionXaAdapter.commit(TransactionXaAdapter.java:114) at org.infinispan.transaction.tm.DummyTransaction.finishResource(DummyTransaction.java:401) ... 95 more Caused by: org.infinispan.commons.marshall.NotSerializableException: org.keycloak.services.DefaultKeycloakSession Caused by: an exception which occurred: in field my.app.de.keycloak.MyAppUserStorage.session in object my.app.de.keycloak.MyAppUserStorage@1f4565de in field org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference.value in object org.jboss.as.ee.component.ConstructorComponentFactory$ConstructorManagedReference@7122451c in field org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent.instance in object org.jboss.as.ejb3.component.stateful.SerializedStatefulSessionComponent@1e32e6c3 in object org.jboss.as.ejb3.component.stateful.StatefulSessionComponentInstance@6886f535 in object java.util.concurrent.ConcurrentHashMap@51f3597e in object org.wildfly.clustering.ejb.infinispan.group.InfinispanBeanGroupEntry@3dbc21a8 in object org.infinispan.commands.write.PutKeyValueCommand@63f7437d in object org.infinispan.commands.tx.PrepareCommand@f4eee60e

8 years

2
6
0 / 0

Fwd: Keycloak 4.0.0.Beta1 is out

by Stian Thorgersen

I'm very pleased to announce the first release of Keycloak 4! To download the release go to the Keycloak homepage <http://www.keycloak.org/downloads>. HighlightsBrand new login pages The login pages have received a brand new look. They now look much more modern and clean! Themes and Theme Resources It's now possible to hot-deploy themes to Keycloak through a regular provider deployment. We've also added support for theme resources. Theme resources allows adding additional templates and resources without creating a theme. Perfect for custom authenticators that require additional pages added to the authentication flow. We've also added support to override the theme for specific clients. If that doesn't cover your needs, then there's a new Theme Selector SPI that allows you to implement custom logic to select the theme. Native promise support to keycloak.js The JavaScript adapter now supports native promises. Of course it still has support for the old style promises as well. Both can be used interchangeably. Edit links in documentation To make it easier to contribute changes to the documentation we have added links to all sections of the documentation. This brings you straight to the GitHub editor for the relevant AsciiDoctor file. There's also a quick link to report an issue on a specific page that will include the relevant page in the description. HTTPS support on keycloak.org Thanks to GitHub pages and Let's Encrypt there's finally HTTPS on keycloak.org. About time? Loads more.. The full list of resolved issues is available in JIRA <https://issues.jboss.org/issues/?jql=project%20%3D%20keycloak%20and%20fix...> . Upgrading Before you upgrade remember to backup your database and check the upgrade guide <http://www.keycloak.org/docs/latest/upgrading/index.html> for anything that may have changed.

8 years

1
0
0 / 0

API not protected immediately after logout

by José Miguel Gonçalves

Hi, To test a scenario of a Node.js RESTfull service secured by Keycloak (3.4.3.Final), I've setup a Node.js server and a HTML5 client using example code from https://github.com/keycloak/keycloak-quickstarts ('service-nodejs' and 'app-jee-html5'). While everything seems fine at first glance, there is an issue after I logout on the app. After logging out, I see that I continue to have access to the protected endpoints for some short time (about 1 minute after logout). Am I missing some configuration or is this a bug on Keycloak? Regards, José Gonçalves

8 years

3
8
0 / 0

Creating keycloak custom theme - setting new start page

by Karol Bilicki

Hello! I have three views to display: - starting page (with links to registration and login pages) - login page - registration page I don't know how to display firstly the starting page. My starting page in my custom theme is the login page (my-site/auth). How to change this? I tried with request parameters, by I can't get the url params in .ftl template pages. How to extend the server by endpoint or read url param in template? Maybe there is another solution... Thank you!

8 years

1
0
0 / 0

Account action links in emails with admin on different port

by Derek Gibson

Hi there, Running Keycloak 3.4.0.Final We've split out admin and user interfaces using the documentation on port restrictions http://www.keycloak.org/docs/latest/server_admin/index.html#port-restriction And successfully have /auth/admin restricted to port 8444 Our problem is that when an admin sends an email for account action, it gets sent with the url of https://keycloak:8444/auth/realms/arealm/login-actions/action-token?... instead of https://keycloak/auth/realms/arealm/login-actions/action-token?... Is there a way to get the emails to use the default uri instead of the admin one through a simple config change without hardcoding the hostname or creating email templates? Thanks Derek

8 years

2
1
0 / 0

Keycloak theme - properties from env / external file / client?

by Ben Immanuel

Hi there, we have a custom keycloak theme, which contains a link. The link needs to be different per environment (prod, staging, dev etc). Having a separate "theme.properties" file per environment is not really an option for us, as we want re-use the same Docker image. So.... Can we access environment variables from "theme.properties"? i.e. OUR_PROP=${env.SOME_ENVIRONMENT_VAR} Or is there a way to read values from an external file? Or can we access a particular Keycloak client's redirect url? i.e. in our case client="Cipher2". Or any other ideas? I'm not too sure how the Java SPI stuff work, so any pointers would be really appreciated. Thanks! Ben

8 years

1
1
0 / 0

Cannot get Keycloak Tomcat 7 adapter to work (version 3.4.3.Final)

by Oxy Oxy

Hi, I have a Spring Boot 1.5.2 Web App packaged as a .war hosted on an Apache Tomcat 7.0.68. I want to use the Keycloak Tomcat Adapter but I encounter HTTP 401 returns on every endpoints included in the configuration...I am using the 3.4.3.Final version. I have read the doc @ http://www.keycloak.org/docs/2.5/securing_apps/topics/oidc/java/tomcat-ad.... Done : * Downloaded https://downloads.jboss.org/keycloak/3.4.3.Final/adapters/keycloak-oidc/k... and extracted under <tomcat_folder>/lib/ * Created a META-INF/context.xml file with :<?xml version="1.0" encoding="UTF-8"?><Context path="/my-app"> <Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/></Context> * Created a WEB-INF/keycloak.json file with :{ "realm" : "my_realm", "resource" : "my_client", "principal-attribute": "preferred_username", "truststore" : "/my_path/keycloak-truststore.jks", "ssl-required" : "external", "truststore-password" : "my_password", "credentials" : { "secret" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, "auth-server-url" : "http://<keycloak_server>.fr:8443/auth"} * Created a WEB-INF/web.xml file with : <?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:web="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5"> <display-name>my-app</display-name> <module-name>my-app</module-name> <login-config> <auth-method>BASIC</auth-method> <realm-name>my_realm</realm-name> </login-config> <security-constraint> <web-resource-collection> <url-pattern>/customer/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>uma_authorization</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>uma_authorization</role-name> </security-role></web-app> (simple test with uma_authorization, role that every user has) After that : HTTP 200 on every endpoints except /customer/* where I get HTTP 401. In debug, I have detected that the variable "account" is always null on the line 61 from the CatalinaSessionTokenStore class (from Tomcat Keycloak Adapter dependency) : Session catalinaSession = request.getSessionInternal(false); if (catalinaSession == null) return; SerializableKeycloakAccount account = (SerializableKeycloakAccount) catalinaSession.getSession().getAttribute(SerializableKeycloakAccount.class.getName()); if (account == null) { return; } (... next lines are to control the content of the Keycloak context) Nothing in the Tomcat log even with TRACE level activated. Have I forgot something to configure ? Is it a bug ? Thanks

8 years

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

keycloak-user March 2018