8:34 a.m.
Hi Bill,
My goal is get liveoak, aerogear and keycloak working on different
servers. LiveOak uses Keycloak and Aerogear. Following are the steps i
took.
1) Install Keycloak on one server with self signed certificate. It is
accessible via https://XXX.XXX.XXX.XXX:8443/auth. Worked
2) Installed AreoGear on another server with self signed certificate.
It is accessible via https://XXX.XXX.XXX.XXX:8443/ag-push. Worked
3) Imported attached JSON in as a new aerogear realm in keycloak.
Worked
4) Updated Keycloak to use MongoDB. Worked
5) Update application aerogear with keycloak.json restarted wildfly
server. Updated application under AreoGear to use
https://XXX.XXX.XXX.XXX:8443/ag-push/* as a redirect uri. Worked.
6) Restarted both the wildfly servers.
7) After restart tried to login to https://XXX.XXX.XXX.XXX:8443/ag-push/
forwarded me to https://XXX.XXX.XXX.XXX:8443/auth login page. Successfull
login was achieved.
8) PROBLEM: After login redirect to
https://XXX.XXX.XXX.XXX:8443/ag-push/ where by i get error "No state
cookie" in AreoGear log, which is coming from OAuthRequestAuthenticator
line 116 because the adapter can not find a cookie with name "
OAuth_Token_Request_State" in HTTP.
Troubleshooting Try 1.
1) updated aerogear to use 1.0.1.Beta1 Adapter. Still works does not
solve the problem same error.
Troubleshooting Try 2.
1) updated keycloak.json by adding *"disable-trust-manager": true*.
Still works does not solve the problem same error.
Troubleshooting Try 2. Still have not done but will do today is
1) updated keycloak.json by adding *"disable-trust-manager":
false,"truststore": "/path","truststore-password":
"password"*. Will
report back shortly.
Regards,
Pratik Parikh
On Fri, Nov 14, 2014 at 8:46 AM, Bill Burke <bburke(a)redhat.com> wrote:
Can you explain your problem again? I think I am misunderstanding
what
problems you are having. You linked this message:
http://lists.jboss.org/pipermail/keycloak-user/2014-November/001170.html
We do not support OIDC scope param, but you can limit the application's
scope in the admin console.
On 11/13/2014 10:28 PM, Pratik Parikh wrote:
> Hi Bill,
>
> Is this because both of my server (keycloak and aerogear are
> https). Do i need to establish trust between them?
>
> Regards,
> Pratik Parikh
>
> On Thu, Nov 13, 2014 at 8:18 PM, Pratik Parikh
> <pratik.p.parikh(a)gmail.com <mailto:pratik.p.parikh@gmail.com>> wrote:
>
> Hi Bill,
>
> Thanks i turned the scope off under the application but that
> did not help. Could you please help us understand what is going
> on. I am trying to look the code but seems like it is going to take
> be a bit to figure it out. It seems like HttpFacade.Cookies is
> suppose to have state cookie which is contained in
> KeycloakDeployment. I did try what you suggest was that not
> correctly understood by me? I am new to keycloak but this is a great
> project would like to understand it and use it to its fullest
> extend. Can you help me get past this problem. Thanks in advance.
>
> Regards,
> --
> Pratik Parikh
> - Mantra - Keep It Simple and Straightforward
>
>
>
>
> --
> Pratik Parikh
> - Mantra - Keep It Simple and Straightforward
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Pratik Parikh
- Mantra - Keep It Simple and Straightforward