Does your keycloak server have certificate signed by known CA authority
or are you using some self-signed? If you have self-signed, you also
need to configure truststore. See
and especially properties related to truststore.
Marek
On 31/05/16 15:00, Emil Posmyk wrote:
sorry, i forgot to finish title
{
"realm": "Brandpath",
"realm-public-key": "key.....",
"auth-server-url": "https://sabdev_oms.brandpath.net/auth",
"ssl-required": "external",
"resource": "oms-web",
"credentials": {
"secret": "secret"
},
"use-resource-role-mappings": true
}
regards
/--/
/Emil Posmyk
/
2016-05-31 14:26 GMT+02:00 Marek Posolda <mposolda(a)redhat.com
<mailto:mposolda@redhat.com>>:
How is "auth-server-url" in your keycloak.json configured? If
you're using relative URI, then you can maybe try to use absolute
URI and see if it help?
Marek
On 31/05/16 14:19, Emil Posmyk wrote:
> Hello
>
> I'm reciving error when I try login to our application:
> ClientProtocolException: URI does not specify a valid host name:
> https:/auth/realms/Brandpath/protocol/openid-connect/token
> Http protocol is working fine, no errors, but using https I
> recive each time uri without host name.
> Auth page is working fine.
>
> What can cause that error ?
>
>
> 14:59:22,937 ERROR
> [org.keycloak.adapters.OAuthRequestAuthenticator] (default
> task-2) failed to turn code into token:
> org.apache.http.client.ClientProtocolException: URI does not
> specify a valid host name:
> https:/auth/realms/Brandpath/protocol/openid-connect/token
> [Server:ms-server1] at
>
org.apache.http.impl.client.CloseableHttpClient.determineTarget(CloseableHttpClient.java:94)
> [Server:ms-server1] at
>
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
> [Server:ms-server1] at
>
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
> [Server:ms-server1] at
>
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
> [Server:ms-server1] at
>
org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerRequest.java:107)
> [Server:ms-server1] at
>
org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode(OAuthRequestAuthenticator.java:314)
> [Server:ms-server1] at
>
org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(OAuthRequestAuthenticator.java:260)
> [Server:ms-server1] at
>
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:112)
> [Server:ms-server1] at
>
org.keycloak.adapters.undertow.AbstractUndertowKeycloakAuthMech.keycloakAuthenticate(AbstractUndertowKeycloakAuthMech.java:110)
> [Server:ms-server1] at
>
org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:92)
> [Server:ms-server1] at
>
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)
> [Server:ms-server1] at
>
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250)
> [Server:ms-server1] at
>
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219)
> [Server:ms-server1] at
>
io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121)
> [Server:ms-server1] at
>
io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:96)
> [Server:ms-server1] at
>
io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:89)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
> [Server:ms-server1] at
>
io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
> [Server:ms-server1] at
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [Server:ms-server1] at
>
io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
> [Server:ms-server1] at
>
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)
> [Server:ms-server1] at
>
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> [Server:ms-server1] at
>
io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> [Server:ms-server1] at
>
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> [Server:ms-server1] at
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [Server:ms-server1] at
>
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> [Server:ms-server1] at
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [Server:ms-server1] at
>
org.wildfly.mod_cluster.undertow.metric.RunningRequestsHttpHandler.handleRequest(RunningRequestsHttpHandler.java:69)
> [Server:ms-server1] at
>
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69)
> [Server:ms-server1] at
>
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> [Server:ms-server1] at
>
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
> [Server:ms-server1] at
> io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
> [Server:ms-server1] at
> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
> [Server:ms-server1] at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [Server:ms-server1] at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [Server:ms-server1] at java.lang.Thread.run(Thread.java:745)
>
> /
> regards/
> /--/
> /Emil Posmyk
> /
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
>
https://lists.jboss.org/mailman/listinfo/keycloak-user