Hi,
thanks for your response.
The UndertowPreAuthActionsHandler actually is in the stacktrace. So I don't quite understand what you mean.
The installation is out-of-the-box from the keycloak-proxy-2.0.0.Final.zip.
I was assuming that in UndertowPreAuthActionsHandler#handleRequest() somthing like the following must happen,
in order to execute the logout action handling in a worker thread:public void handleRequest(HttpServerExchange exchange) throws Exception {
UndertowHttpFacade facade = createFacade(exchange);
SessionManagementBridge bridge = new SessionManagementBridge(userSessionManagement, sessionManager);
final PreAuthActionsHandler handler = new PreAuthActionsHandler(bridge, deploymentContext, facade);
final AtomicBoolean requestHandled = new AtomicBoolean(false);
if (exchange.getRequestURI().endsWith(AdapterConstants.K_LOGOUT)) {
HttpHandler tmpHandler = new HttpHandler()
{
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception
{
requestHandled.set(handler.handleRequest());
}
};
exchange.dispatch(tmpHandler); // This starts the worker thread that allows blocking I/O
}
else {
requestHandled.set(handler.handleRequest());
}
if(requestHandled.get()) return;
next.handleRequest(exchange);
}
Any feedback welcome.
Cheers,
Manfred
On 25.07.2016 15:35, Marko Strukelj wrote:
Giving a cursory look at KEYCLOAK-3311, and not really knowing this part of the code so I hope I'm not giving you a wrong lead here, but it looks like UndertowPreAuthActionsHandler should already be present in your stacktrace, while currently it is not.
It sounds like Wildfly adapter was not installed correctly.
On Mon, Jul 25, 2016 at 9:26 AM, Manfred Duchrow <manfred.duchrow@caprica.biz> wrote:
Hi,
a few days ago I created the Jira issue KEYCLOAK-3311.
Its about the following exception when "k_logout" request from the keycloak server is coming in:
IllegalStateException: UT000126: Attempted to do blocking IO from the IO thread. This is prohibited as it may result in deadlocks
Has anybody experienced the same? Is there a workaround?
Currently this error prevents the logout from the secure proxy and therefore the protected
application can still be reached (for a while) even if the user's session on the keycloak server
has been terminated.
Cheers,
Manfred
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user