Just a guess, but if your app is behind a load balancer you need to have
either sticky sessions on (to make sure client requests always end up at
the same server) or put the <distributable/> tag in your web.xml to enable
session replication between nodes. We had a similar issue that was resolved
by enabling session replication.
Jared
On Oct 4, 2016 11:25 AM, "Chris Savory" <chris.savory(a)edlogics.com>
wrote:
Is this using the JavaScript adapter? We ran into a similar problem
yesterday.
--
Christopher Savory
Software Engineer | EdLogics
www.edlogics.com <
http://www.edlogics.com/>
<
http://www.edlogics.com/>
<
https://www.linkedin.com/company/edlogics> <
https://twitter.com/EdLogics
>
On 10/4/16, 9:45 AM, "keycloak-user-bounces(a)lists.jboss.org on behalf of
Pulkit Gupta" <keycloak-user-bounces(a)lists.jboss.org on behalf of
pulgupta(a)redhat.com> wrote:
Hi Josh,
I have the paths with trailing slashes in my web.xml. Just my entityId
does
not has a trailing slash.
Also the application sometime works in one assertion and sometime it
will
take 3-4 round trips but it always works eventually.
We enabled the debug logging but it seems adapter does not put
anything in
the logs.
I am not sure where to look next. In case you can think of anything
else
that will really help me unblock myself.
Regards,
Pulkit.
On Tue, Oct 4, 2016 at 7:15 PM, Josh Cain <jcain(a)redhat.com> wrote:
> I used to see something similar in Picketlink if I configured a
web.xml
> without paying attention to the trailing slash (I.E.
https://example.co
> m/foo vs
https://example.com/foo/). The IDP would isse an
> assertion/token for the audience that did not match the security
> constraint (based on the trailing slash), then an infinite redirect
> loop would occur.
>
> Maybe check your trailing slashes?
> On Tue, 2016-10-04 at 16:21 +0530, Pulkit Gupta wrote:
> > Yes,
> >
> > I am using the standard adapter.
> > This is happening more frequently now.
> >
> > Regards,
> > Pulkit.
> >
> > On Mon, Oct 3, 2016 at 9:24 PM, Bill Burke <bburke(a)redhat.com>
wrote:
> >
> > >
> > > Are you using our adapters?
> > >
> > >
> > > On 10/3/16 3:13 AM, Pulkit Gupta wrote:
> > > >
> > > > Hi All,
> > > >
> > > > I am facing a problem with my keycloak integration.
> > > > When I enter the URL of my application it gets redirected to
the
> > > > keycloak
> > > > server.
> > > >
> > > > After I enter the credentials the server redirects back to my
> > > > application
> > > > URL.
> > > > Till now things look ok. Once authentication is successful
weird
> > > > thing
> > > > starts.
> > > >
> > > > Keycloak server redirects back to my application.
> > > > My application again redirects to the keycloak server which
> > > > without
> > > showing
> > > >
> > > > the login page again redirects to my application. This happens
> > > > once or
> > > > twice after which finally my application page loads. In this
> > > > process, I
> > > can
> > > >
> > > > see multiple SAML XMLs being exchanged.
> > > >
> > > > Environment and setup Details
> > > > SP EntityID : /wapps/distributors
> > > > Page I am visiting directly :
https://www.xxxx.com/w
> > > > apps/
> > > > distributors/protected/nachannelsearch.html
> > > > Server : 2 Jboss 6 servers running behind a LB
> > > >
> > > > Please let me know in case this is something related to
> > > > configuration or
> > > > might be some issue related to proxies or load balancers in my
> > > environment.
> > > >
> > > >
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user(a)lists.jboss.org
> > >
https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> >
> >
> >
>
--
Thanks,
Pulkit
AMS
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user