Yes, KEYCLOAK_IDENTITY cookie should be in the browser after successful
authentication to your portal1 is fully finished. Are you seeing the
cookie after this authentication?
Then the portal2 is supposed to be automatically authenticated due to
this cookie.
Marek
On 27/04/17 09:14, Tech wrote:
Hello,
opening the browser the KEYCLOAK_IDENTITY cookie does not appear, but
in my understanding this is created when you have an active session to
Keycloak like accessing to the admin interface.
No proxies, cookies or load balancers in the backend server.
On 26/04/17 16:17, Marek Posolda wrote:
> Thanks, are you seeing KEYCLOAK_IDENTITY cookie for your browser for
> path "/auth/realms/yourrealm" ? Are you using proxy/loadbalancer,
> which may cause that cookies sent to the proxy are not visible on the
> backend server (Keycloak)?
>
> Marek
>
>
> On 26/04/17 09:09, Tech wrote:
>> Hello again,
>>
>> so:
>> 1) they are both using the same kc realm
>> 2) the cookie is not disabled
>> 3) in attach a screenshot, it's identical for the two application,
>> with the difference that one the two URL has the "2"
>>
>>
>>
>>
>> On 26/04/17 06:17, Marek Posolda wrote:
>>> On 25/04/17 22:36, Tech wrote:
>>>>
>>>> Hello Marek,
>>>>
>>>> 1) yes, they are both using the same Kc realm
>>>>
>>>> 2) how can I check this point?
>>>>
>>> In Keycloak admin console, there is tab "Authentication" and then
>>> flow "browser" .
>>>
>>> Marek
>>>>
>>>> 3) I checked already, I don't think that anything like that is
>>>> enabled, but I will send you a screen shot in the coming hours
>>>> (not in the office right now)
>>>>
>>>> Thanks for the support
>>>>
>>>>
>>>>
>>>>
>>>> On 25.04.17 22:14, Marek Posolda wrote:
>>>>> Normally SSO between client applications is supposed to work. I
>>>>> would check:
>>>>>
>>>>> - Are both your clients (portal1 and portal2) using same Keycloak
>>>>> realm? SSO will work just with same realm
>>>>>
>>>>> - Is Cookie authenticator enabled for authentication browser flow
>>>>> of your realm? Didn't you accidentally disable it? SSO requires
>>>>> that it is enabled
>>>>>
>>>>> - How does URL to Keycloak login screen looks like? I wonder if
>>>>> your PHP adapter uses some parameters, which causes SSO disabled
>>>>> (eg. prompt=login or max_age=0)
>>>>>
>>>>> Marek
>>>>>
>>>>> On 25/04/17 14:18, Tech wrote:
>>>>>>
>>>>>> Anybody with any ideas?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 25/04/17 12:53, Tech wrote:
>>>>>>>
>>>>>>> Hello Marek,
>>>>>>>
>>>>>>> maybe my email was confusing, we run initially two tests were
>>>>>>> we login and logout in both portal to check that the oidc is
>>>>>>> working on each of them.
>>>>>>>
>>>>>>> Once we know that OIDC is working, then we are expecting to
>>>>>>> login to portal1 and opening portal2, to find us already
logged
>>>>>>> in, but this doesn't happen and we are forced to login
again
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 25/04/17 12:41, Marek Posolda wrote:
>>>>>>>> If you don't do "Logout from portal1" at
the end of first
>>>>>>>> test, then SSO should work and you will be automatically
>>>>>>>> logged into portal2 without a need to put your
credentials.
>>>>>>>>
>>>>>>>> The logout is "SSO logout", hence it also kills
the SSO
>>>>>>>> session on Keycloak side and requires user to re-login.
>>>>>>>>
>>>>>>>> Marek
>>>>>>>>
>>>>>>>> On 25/04/17 12:31, Tech wrote:
>>>>>>>>> Dear experts,
>>>>>>>>>
>>>>>>>>> we are working with Moodle, a PHP based platform,
where we
>>>>>>>>> have been
>>>>>>>>> able to configure correctly Keycloak to implement
OIDC.
>>>>>>>>>
>>>>>>>>> To test Keycloak we cloned this application, with
different
>>>>>>>>> URLs and we
>>>>>>>>> did the first test:
>>>>>>>>>
>>>>>>>>> * Connect to portal1
>>>>>>>>> * User not recognized and redirected to Keycloak
through OIDC
>>>>>>>>> * Enter credentials stored into Keycloak
>>>>>>>>> * User accepted and redirected to portal1
>>>>>>>>> * Logout from portal1
>>>>>>>>>
>>>>>>>>> After this we tested the second application:
>>>>>>>>>
>>>>>>>>> * Connect to portal2
>>>>>>>>> * User not recognized and redirected to Keycloak
through OIDC
>>>>>>>>> * Enter credentials stored into Keycloak
>>>>>>>>> * User accepted and redirected to portal2
>>>>>>>>> * Logout from portal2
>>>>>>>>>
>>>>>>>>> In this case I know that OIDC is working for the two
>>>>>>>>> applications and we
>>>>>>>>> can expect that also the SSO is working, but after
the login
>>>>>>>>> in portal1
>>>>>>>>> we have to login again portal2, and vice-versa.
>>>>>>>>>
>>>>>>>>> We attach below here some logs, could you please
help?
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *Login to portal1*
>>>>>>>>>
>>>>>>>>> 2017-04-25 09:54:40,503 DEBUG
[org.jboss.ejb.client.txn]
>>>>>>>>> (Periodic
>>>>>>>>> Recovery) Send recover request for transaction origin
node
>>>>>>>>> identifier 1
>>>>>>>>> to EJB receiver with node name 79051ccf69ac
>>>>>>>>> 2017-04-25 09:54:45,055 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-30) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:54:45,056 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-30) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:54:45,056 DEBUG
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-30) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/auth
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-30)
>>>>>>>>> AUTHENTICATE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-30)
>>>>>>>>> AUTHENTICATE ONLY
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) processFlow
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: auth-cookie requirement:
ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator: auth-cookie
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-30)
>>>>>>>>> Could not find cookie: KEYCLOAK_IDENTITY
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator ATTEMPTED: auth-cookie
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: auth-spnego requirement:
DISABLED
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) execution is processed
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution:
identity-provider-redirector
>>>>>>>>> requirement:
>>>>>>>>> ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator: identity-provider-redirector
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator ATTEMPTED:
identity-provider-redirector
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: null requirement:
ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) execution is flow
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) processFlow
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) check execution: auth-username-password-form
>>>>>>>>> requirement: REQUIRED
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator: auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:45,059 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:54:45,060 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-30)
>>>>>>>>>
TemplateLoader.findTemplateSource("template_en_US.ftl"): Not
>>>>>>>>> found
>>>>>>>>> 2017-04-25 09:54:45,060 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-30)
>>>>>>>>>
TemplateLoader.findTemplateSource("template_en.ftl"): Not found
>>>>>>>>> 2017-04-25 09:54:45,060 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-30)
>>>>>>>>>
TemplateLoader.findTemplateSource("template.ftl"): Found
>>>>>>>>> 2017-04-25 09:54:45,061 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-30)
>>>>>>>>> "template.ftl"("en_US", UTF-8,
parsed): using cached since
>>>>>>>>>
file:/opt/jboss/keycloak/themes/base/login/template.ftl
>>>>>>>>> hasn't changed.
>>>>>>>>> 2017-04-25 09:54:45,064 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-30) authenticator CHALLENGE:
auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:45,064 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-30)
>>>>>>>>> JtaTransactionWrapper commit
>>>>>>>>> 2017-04-25 09:54:45,064 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-30)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:54:50,503 DEBUG
[org.jboss.ejb.client.txn]
>>>>>>>>> (Periodic
>>>>>>>>> Recovery) Send recover request for transaction origin
node
>>>>>>>>> identifier 1
>>>>>>>>> to EJB receiver with node name 79051ccf69ac
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *After authentication to portal1**
>>>>>>>>> *
>>>>>>>>> 2017-04-25 09:54:56,041 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-31) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:54:56,041 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-31) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:54:56,042 DEBUG
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-31) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/Demo/login-actions/authenticate
>>>>>>>>> 2017-04-25 09:54:56,042 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-31)
>>>>>>>>> authenticationAction
>>>>>>>>> 2017-04-25 09:54:56,042 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processAction:
dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: auth-cookie requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) execution is processed
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: auth-spnego requirement: DISABLED
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) execution is processed
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: identity-provider-redirector
requirement:
>>>>>>>>> ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) execution is processed
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: null requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processAction:
dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check: auth-username-password-form
requirement:
>>>>>>>>> REQUIRED
>>>>>>>>> 2017-04-25 09:54:56,043 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) action: auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) authenticator SUCCESS:
auth-username-password-form
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processFlow
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) check execution: auth-otp-form requirement:
OPTIONAL
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) authenticator: auth-otp-form
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow] (default
>>>>>>>>> task-31) processFlow
>>>>>>>>> 2017-04-25 09:54:56,141 DEBUG
>>>>>>>>>
[org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl]
>>>>>>>>>
>>>>>>>>> (default task-31) Hibernate RegisteredSynchronization
>>>>>>>>> successfully
>>>>>>>>> registered with JTA platform
>>>>>>>>> 2017-04-25 09:54:56,142 DEBUG [org.hibernate.SQL]
(default
>>>>>>>>> task-31)
>>>>>>>>> select
>>>>>>>>> roleentity0_.ID as col_0_0_
>>>>>>>>> from
>>>>>>>>> KEYCLOAK_ROLE roleentity0_
>>>>>>>>> where
>>>>>>>>> roleentity0_.CLIENT_ROLE=0
>>>>>>>>> and roleentity0_.NAME=?
>>>>>>>>> and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:54:56,142 DEBUG
>>>>>>>>>
[org.jboss.jca.core.connectionmanager.pool.strategy.OnePool]
>>>>>>>>> (default
>>>>>>>>> task-31) MySqlDS: getConnection(null,
>>>>>>>>>
WrappedConnectionRequestInfo@4570d800[userName=KeycloakUSR])
>>>>>>>>> [0/20]
>>>>>>>>> 2017-04-25 09:54:56,143 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release
from
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:54:56,143 DEBUG [org.hibernate.SQL]
(default
>>>>>>>>> task-31)
>>>>>>>>> select
>>>>>>>>> roleentity0_.ID as col_0_0_
>>>>>>>>> from
>>>>>>>>> KEYCLOAK_ROLE roleentity0_
>>>>>>>>> where
>>>>>>>>> roleentity0_.CLIENT_ROLE=0
>>>>>>>>> and roleentity0_.NAME=?
>>>>>>>>> and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:54:56,144 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release
from
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:54:56,144 DEBUG [org.hibernate.SQL]
(default
>>>>>>>>> task-31)
>>>>>>>>> select
>>>>>>>>> roleentity0_.ID as col_0_0_
>>>>>>>>> from
>>>>>>>>> KEYCLOAK_ROLE roleentity0_
>>>>>>>>> where
>>>>>>>>> roleentity0_.CLIENT_ROLE=0
>>>>>>>>> and roleentity0_.NAME=?
>>>>>>>>> and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:54:56,144 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release
from
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG [org.keycloak.events]
(default
>>>>>>>>> task-31)
>>>>>>>>> type=LOGIN, realmId=Demo, clientId=moodle,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f,
>>>>>>>>> ipAddress=192.168.0.27,
>>>>>>>>> auth_method=openid-connect, auth_type=code,
>>>>>>>>> redirect_uri=https://localhost/moodleiam/auth/oidc/,
>>>>>>>>> consent=no_consent_required,
>>>>>>>>> code_id=08539f13-cb1c-423e-86a3-365c29b055f1,
username=testuser
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-31)
>>>>>>>>> Removing old user session: session:
>>>>>>>>> 9a5218f8-aa9c-496c-aa00-780430f19c1b
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-31)
>>>>>>>>> Create login cookie - name: KEYCLOAK_IDENTITY, path:
>>>>>>>>> /auth/realms/Demo,
>>>>>>>>> max-age: -1
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-31)
>>>>>>>>> Expiring remember me cookie
>>>>>>>>> 2017-04-25 09:54:56,145 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-31)
>>>>>>>>> Expiring cookie: KEYCLOAK_REMEMBER_ME path:
/auth/realms/Demo
>>>>>>>>> 2017-04-25 09:54:56,146 DEBUG
>>>>>>>>> [org.keycloak.protocol.oidc.OIDCLoginProtocol]
(default task-31)
>>>>>>>>> redirectAccessCode: state: bIJNAcPb8Rxz8Wb
>>>>>>>>> 2017-04-25 09:54:56,146 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-31)
>>>>>>>>> JtaTransactionWrapper commit
>>>>>>>>> 2017-04-25 09:54:56,149 DEBUG
>>>>>>>>>
[org.jboss.jca.core.connectionmanager.pool.strategy.OnePool]
>>>>>>>>> (default
>>>>>>>>> task-31) MySqlDS: returnConnection(4edba62b, false)
[0/20]
>>>>>>>>> 2017-04-25 09:54:56,149 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-31) Initiating JDBC connection release
from
>>>>>>>>> afterTransaction
>>>>>>>>> 2017-04-25 09:54:56,149 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-31)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:54:56,642 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-24) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:54:56,642 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-24) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:54:56,642 DEBUG
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-24) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/token
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-24)
>>>>>>>>> AUTHENTICATE CLIENT
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>>
[org.keycloak.authentication.ClientAuthenticationFlow]
>>>>>>>>> (default task-24)
>>>>>>>>> client authenticator: client-secret
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>>
[org.keycloak.authentication.ClientAuthenticationFlow]
>>>>>>>>> (default task-24)
>>>>>>>>> client authenticator SUCCESS: client-secret
>>>>>>>>> 2017-04-25 09:54:56,643 DEBUG
>>>>>>>>>
[org.keycloak.authentication.ClientAuthenticationFlow]
>>>>>>>>> (default task-24)
>>>>>>>>> Client moodle authenticated by client-secret
>>>>>>>>> 2017-04-25 09:54:56,663 DEBUG [org.keycloak.events]
(default
>>>>>>>>> task-24)
>>>>>>>>> type=CODE_TO_TOKEN, realmId=Demo, clientId=moodle,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f,
>>>>>>>>> ipAddress=153.109.152.213,
>>>>>>>>> token_id=75173922-dd56-44ca-9255-9a5368e557f4,
>>>>>>>>> grant_type=authorization_code,
refresh_token_type=Refresh,
>>>>>>>>>
refresh_token_id=d7daabe5-8e73-4b8e-b108-92188e1118df,
>>>>>>>>> code_id=08539f13-cb1c-423e-86a3-365c29b055f1,
>>>>>>>>> client_auth_method=client-secret
>>>>>>>>> 2017-04-25 09:54:56,663 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-24)
>>>>>>>>> JtaTransactionWrapper commit
>>>>>>>>> 2017-04-25 09:54:56,663 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-24)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *Login to portal2**
>>>>>>>>> *
>>>>>>>>> 2017-04-25 09:56:17,566 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-6) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:56:17,566 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-6) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:56:17,567 DEBUG
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-6) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/auth
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-6)
>>>>>>>>> AUTHENTICATE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-6)
>>>>>>>>> AUTHENTICATE ONLY
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: auth-cookie requirement:
ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator: auth-cookie
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-6)
>>>>>>>>> Could not find cookie: KEYCLOAK_IDENTITY
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator ATTEMPTED: auth-cookie
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: auth-spnego requirement: DISABLED
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: identity-provider-redirector
requirement:
>>>>>>>>> ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator: identity-provider-redirector
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator ATTEMPTED:
identity-provider-redirector
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: null requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> execution is flow
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> check execution: auth-username-password-form
requirement:
>>>>>>>>> REQUIRED
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:17,569 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> invoke authenticator.authenticate
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-6)
>>>>>>>>>
TemplateLoader.findTemplateSource("template_en_US.ftl"): Not
>>>>>>>>> found
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-6)
>>>>>>>>>
TemplateLoader.findTemplateSource("template_en.ftl"): Not found
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-6)
>>>>>>>>>
TemplateLoader.findTemplateSource("template.ftl"): Found
>>>>>>>>> 2017-04-25 09:56:17,572 DEBUG [freemarker.cache]
(default
>>>>>>>>> task-6)
>>>>>>>>> "template.ftl"("en_US", UTF-8,
parsed): using cached since
>>>>>>>>>
file:/opt/jboss/keycloak/themes/base/login/template.ftl
>>>>>>>>> hasn't changed.
>>>>>>>>> 2017-04-25 09:56:17,573 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-6)
>>>>>>>>> authenticator CHALLENGE: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:17,573 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-6)
>>>>>>>>> JtaTransactionWrapper commit
>>>>>>>>> 2017-04-25 09:56:17,573 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-6)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *After authentication to portal2**
>>>>>>>>> *
>>>>>>>>> 2017-04-25 09:56:29,001 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-4) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:56:29,001 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-4) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:56:29,001 DEBUG
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-4) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/Demo/login-actions/authenticate
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-4)
>>>>>>>>> authenticationAction
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> processAction: dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> check: auth-cookie requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> check: auth-spnego requirement: DISABLED
>>>>>>>>> 2017-04-25 09:56:29,002 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> check: identity-provider-redirector requirement:
ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> execution is processed
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> check: null requirement: ALTERNATIVE
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> processAction: dfde24fe-5e06-4dc9-8dc2-f82eedd89846
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> check: auth-username-password-form requirement:
REQUIRED
>>>>>>>>> 2017-04-25 09:56:29,004 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> action: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:29,099 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> authenticator SUCCESS: auth-username-password-form
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> check execution: auth-otp-form requirement: OPTIONAL
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> authenticator: auth-otp-form
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>>
[org.keycloak.authentication.DefaultAuthenticationFlow]
>>>>>>>>> (default task-4)
>>>>>>>>> processFlow
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG
>>>>>>>>>
[org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl]
>>>>>>>>>
>>>>>>>>> (default task-4) Hibernate RegisteredSynchronization
>>>>>>>>> successfully
>>>>>>>>> registered with JTA platform
>>>>>>>>> 2017-04-25 09:56:29,100 DEBUG [org.hibernate.SQL]
(default
>>>>>>>>> task-4)
>>>>>>>>> select
>>>>>>>>> roleentity0_.ID as col_0_0_
>>>>>>>>> from
>>>>>>>>> KEYCLOAK_ROLE roleentity0_
>>>>>>>>> where
>>>>>>>>> roleentity0_.CLIENT_ROLE=0
>>>>>>>>> and roleentity0_.NAME=?
>>>>>>>>> and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:56:29,101 DEBUG
>>>>>>>>>
[org.jboss.jca.core.connectionmanager.pool.strategy.OnePool]
>>>>>>>>> (default
>>>>>>>>> task-4) MySqlDS: getConnection(null,
>>>>>>>>>
WrappedConnectionRequestInfo@4570d800[userName=KeycloakUSR])
>>>>>>>>> [0/20]
>>>>>>>>> 2017-04-25 09:56:29,102 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release
from
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:56:29,103 DEBUG [org.hibernate.SQL]
(default
>>>>>>>>> task-4)
>>>>>>>>> select
>>>>>>>>> roleentity0_.ID as col_0_0_
>>>>>>>>> from
>>>>>>>>> KEYCLOAK_ROLE roleentity0_
>>>>>>>>> where
>>>>>>>>> roleentity0_.CLIENT_ROLE=0
>>>>>>>>> and roleentity0_.NAME=?
>>>>>>>>> and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:56:29,103 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release
from
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:56:29,103 DEBUG [org.hibernate.SQL]
(default
>>>>>>>>> task-4)
>>>>>>>>> select
>>>>>>>>> roleentity0_.ID as col_0_0_
>>>>>>>>> from
>>>>>>>>> KEYCLOAK_ROLE roleentity0_
>>>>>>>>> where
>>>>>>>>> roleentity0_.CLIENT_ROLE=0
>>>>>>>>> and roleentity0_.NAME=?
>>>>>>>>> and roleentity0_.REALM=?
>>>>>>>>> 2017-04-25 09:56:29,104 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release
from
>>>>>>>>> afterStatement
>>>>>>>>> 2017-04-25 09:56:29,104 DEBUG [org.keycloak.events]
(default
>>>>>>>>> task-4)
>>>>>>>>> type=LOGIN, realmId=Demo, clientId=moodle2,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f,
>>>>>>>>> ipAddress=192.168.0.27,
>>>>>>>>> auth_method=openid-connect, auth_type=code,
>>>>>>>>>
redirect_uri=https://localhost/moodle2iam/auth/oidc/,
>>>>>>>>> consent=no_consent_required,
>>>>>>>>> code_id=cffeac69-54fc-4d19-be81-36f0f19ce1ef,
username=testuser
>>>>>>>>> 2017-04-25 09:56:29,104 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-4)
>>>>>>>>> Removing old user session: session:
>>>>>>>>> 431cecf6-5a6b-4bbc-9467-3f52eff8090f
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-4)
>>>>>>>>> Create login cookie - name: KEYCLOAK_IDENTITY, path:
>>>>>>>>> /auth/realms/Demo,
>>>>>>>>> max-age: -1
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-4)
>>>>>>>>> Expiring remember me cookie
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>>
[org.keycloak.services.managers.AuthenticationManager]
>>>>>>>>> (default task-4)
>>>>>>>>> Expiring cookie: KEYCLOAK_REMEMBER_ME path:
/auth/realms/Demo
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>> [org.keycloak.protocol.oidc.OIDCLoginProtocol]
(default task-4)
>>>>>>>>> redirectAccessCode: state: WUCTMXokISFDbFN
>>>>>>>>> 2017-04-25 09:56:29,105 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-4)
>>>>>>>>> JtaTransactionWrapper commit
>>>>>>>>> 2017-04-25 09:56:29,106 DEBUG
>>>>>>>>>
[org.jboss.jca.core.connectionmanager.pool.strategy.OnePool]
>>>>>>>>> (default
>>>>>>>>> task-4) MySqlDS: returnConnection(4edba62b, false)
[0/20]
>>>>>>>>> 2017-04-25 09:56:29,106 DEBUG
>>>>>>>>>
[org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl]
>>>>>>>>>
>>>>>>>>> (default task-4) Initiating JDBC connection release
from
>>>>>>>>> afterTransaction
>>>>>>>>> 2017-04-25 09:56:29,106 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-4)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:56:29,626 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-13) new
>>>>>>>>> JtaTransactionWrapper
>>>>>>>>> 2017-04-25 09:56:29,626 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-13) was
>>>>>>>>> existing? false
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>> [org.jboss.resteasy.resteasy_jaxrs.i18n]
>>>>>>>>> (default task-13) RESTEASY002315: PathInfo:
>>>>>>>>> /realms/demo/protocol/openid-connect/token
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>> [org.keycloak.authentication.AuthenticationProcessor]
>>>>>>>>> (default task-13)
>>>>>>>>> AUTHENTICATE CLIENT
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>>
[org.keycloak.authentication.ClientAuthenticationFlow]
>>>>>>>>> (default task-13)
>>>>>>>>> client authenticator: client-secret
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>>
[org.keycloak.authentication.ClientAuthenticationFlow]
>>>>>>>>> (default task-13)
>>>>>>>>> client authenticator SUCCESS: client-secret
>>>>>>>>> 2017-04-25 09:56:29,627 DEBUG
>>>>>>>>>
[org.keycloak.authentication.ClientAuthenticationFlow]
>>>>>>>>> (default task-13)
>>>>>>>>> Client moodle2 authenticated by client-secret
>>>>>>>>> 2017-04-25 09:56:29,656 DEBUG [org.keycloak.events]
(default
>>>>>>>>> task-13)
>>>>>>>>> type=CODE_TO_TOKEN, realmId=Demo, clientId=moodle2,
>>>>>>>>> userId=ed5ba52a-531d-4e6e-b12e-9bc0957a8c1f,
>>>>>>>>> ipAddress=153.109.152.213,
>>>>>>>>> token_id=ff9b3385-1362-4559-ad53-05317755b280,
>>>>>>>>> grant_type=authorization_code,
refresh_token_type=Refresh,
>>>>>>>>>
refresh_token_id=356011d7-e9fa-4c90-9368-a7627a445bc7,
>>>>>>>>> code_id=cffeac69-54fc-4d19-be81-36f0f19ce1ef,
>>>>>>>>> client_auth_method=client-secret
>>>>>>>>> 2017-04-25 09:56:29,656 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-13)
>>>>>>>>> JtaTransactionWrapper commit
>>>>>>>>> 2017-04-25 09:56:29,656 DEBUG
>>>>>>>>> [org.keycloak.transaction.JtaTransactionWrapper]
(default
>>>>>>>>> task-13)
>>>>>>>>> JtaTransactionWrapper end
>>>>>>>>> 2017-04-25 09:56:29,660 DEBUG
[io.undertow.request.io]
>>>>>>>>> (default I/O-1)
>>>>>>>>> Error reading request: java.io.IOException:
Connection reset
>>>>>>>>> by peer
>>>>>>>>> at
sun.nio.ch.FileDispatcherImpl.read0(Native Method)
>>>>>>>>> at
>>>>>>>>>
sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
>>>>>>>>> at
>>>>>>>>>
sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
>>>>>>>>> at sun.nio.ch.IOUtil.read(IOUtil.java:192)
>>>>>>>>> at
>>>>>>>>>
sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:380)
>>>>>>>>> at
>>>>>>>>>
org.xnio.nio.NioSocketConduit.read(NioSocketConduit.java:282)
>>>>>>>>> at
>>>>>>>>>
io.undertow.protocols.ssl.SslConduit.doUnwrap(SslConduit.java:658)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
io.undertow.protocols.ssl.SslConduit.read(SslConduit.java:530)
>>>>>>>>> at
>>>>>>>>>
org.xnio.conduits.ConduitStreamSourceChannel.read(ConduitStreamSourceChannel.java:127)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:152)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:130)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:56)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1059)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>>
org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:88)
>>>>>>>>>
>>>>>>>>> at
>>>>>>>>> org.xnio.nio.WorkerThread.run(WorkerThread.java:559)
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>