I have upgraded from keycloak 4.3 to keycloak 4.4. I ahve exported the
realm from 4.3 and imported in 4.4.
The "policy-enforcer": {} in keycloak.json results in *403
:
{"error":"invalid_scope","error_description":"Requires
uma_protection
scope."}*
In keycloak 4.3 everything works fine. I have exported realm and used with
keycloak 4.4, but the policy-enforcer does not work. Is there some extra
step that is needed apart from exporting and importing json?
If I remove policy-enforcer line the app works fine.
*APP code:*
final String KEYCLOAK_JSON = //json path;
InputStream config =
Thread.currentThread().getContextClassLoader().getResourceAsStream(KEYCLOAK_JSON);
KeycloakInstalled keycloak = new KeycloakInstalled(config);
*Stack trace thrown at the time of starting app:*
java.lang.RuntimeException: Could not find resource
Logged in...
at
org.keycloak.authorization.client.util.Throwables.handleWrapException(Throwables.java:45)
at
org.keycloak.authorization.client.resource.ProtectedResource.findAll(ProtectedResource.java:228)
at
org.keycloak.adapters.authorization.PolicyEnforcer.configureAllPathsForResourceServer(PolicyEnforcer.java:225)
at
org.keycloak.adapters.authorization.PolicyEnforcer.configurePaths(PolicyEnforcer.java:157)
at
org.keycloak.adapters.authorization.PolicyEnforcer.<init>(PolicyEnforcer.java:77)
at
org.keycloak.adapters.KeycloakDeploymentBuilder.internalBuild(KeycloakDeploymentBuilder.java:143)
at
org.keycloak.adapters.KeycloakDeploymentBuilder.build(KeycloakDeploymentBuilder.java:152)
at
org.keycloak.adapters.installed.KeycloakInstalled.<init>(KeycloakInstalled.java:94)
at
com.cadence.adw.common.auth.AuthenticationTest.main(AuthenticationTest.java:138)
Caused by: org.keycloak.authorization.client.AuthorizationDeniedException:
org.keycloak.authorization.client.util.HttpResponseException: Unexpected
response from server: 403 / Forbidden / Response from server:
{"error":"invalid_scope","error_description":"Requires
uma_protection
scope."}
at
org.keycloak.authorization.client.util.Throwables.handleAndWrapHttpResponseException(Throwables.java:96)
at
org.keycloak.authorization.client.util.Throwables.handleWrapException(Throwables.java:42)
at
org.keycloak.authorization.client.util.Throwables.retryAndWrapExceptionIfNecessary(Throwables.java:87)
at
org.keycloak.authorization.client.resource.ProtectedResource.find(ProtectedResource.java:181)
at
org.keycloak.authorization.client.resource.ProtectedResource.findAll(ProtectedResource.java:226)
... 7 more
Caused by: org.keycloak.authorization.client.util.HttpResponseException:
Unexpected response from server: 403 / Forbidden / Response from server:
{"error":"invalid_scope","error_description":"Requires
uma_protection
scope."}
at
org.keycloak.authorization.client.util.HttpMethod.execute(HttpMethod.java:95)
at
org.keycloak.authorization.client.util.HttpMethodResponse$2.execute(HttpMethodResponse.java:50)
at
org.keycloak.authorization.client.resource.ProtectedResource$4.call(ProtectedResource.java:175)
at
org.keycloak.authorization.client.resource.ProtectedResource$4.call(ProtectedResource.java:172)
at
org.keycloak.authorization.client.resource.ProtectedResource.find(ProtectedResource.java:179)
... 8 more