On 10 March 2016 at 20:19, Firdos Ali <ali(a)affordabletours.com> wrote:
Hello,
I am having a few problems with Keycloak. Let me first start with the
environment information:
Keycloak version: 1.9.0
Keycloak wildfly version: 10.0.0
Application wildfly version: 8.0.0
*Problem 1: EJB error - javax.ejb.EJBAccessException: JBAS013323: Invalid
User*
I have followed the documentation by adding the keycloak adapter to the
application wildfly 8.0 and by server.xml has the following:
<extensions>
….
<extension module="org.keycloak.keycloak-adapter-subsystem"/>
</extensions>
<profile>
<subsystem xmlns="urn:jboss:domain:security:1.2">
….
<security-domain name="keycloak">
<authentication>
<login-module
code="org.keycloak.adapters.jboss.KeycloakLoginModule"
flag="required"/>
</authentication>
</security-domain>
</security-domains>
</subsystem>
…
<subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
</profile>
MyEJB:
@Stateless
@Local(MyInt.*class*)
@SecurityDomain("keycloak")
*public* *class* MyBean *implements* MyInt
...
@PermitAll
@TransactionAttribute(TransactionAttributeType.*REQUIRES_NEW*)
*public* boolean myMethod(...) *throws* Exception {
}
At the moment I am not using jboss-ej3.xml as I reference the security
domain in my EJB class. I added it and it did not help out
Stacktrace:
ERROR [org.jboss.as.ejb3.invocation] (default task-13) JBAS014134: EJB
Invocation failed on component MyBean for method public abstract boolean
com.at.ejb.MyInt.myMethod(…) throws java.lang.Exception:
javax.ejb.EJBAccessException: JBAS013323: Invalid User
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:66)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:46)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:92)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:55)
[wildfly-ejb3-8.0.0.Final.jar:8.0.0.Final]
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:64)
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)
at
org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:448)
at
org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:61)
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)
at
org.jboss.invocation.PrivilegedWithCombinerInterceptor.processInvocation(PrivilegedWithCombinerInterceptor.java:80)
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at
org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:185)
at
org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:182)
at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
Is there something I am missing from the documentation? Any thoughts how
to resolve this issue?
Is there a bearer token sent with the request that invokes the EJB? If so
try with 1.9.1. Could be
https://issues.jboss.org/browse/KEYCLOAK-2518
fixes this.
*Problem 2: Unable to log out a user from keycloak administration
console:*
After I click “Logout” on the administration console in Keycloak, I see
the following error on the keycloak server:
ERROR [io.undertow.request] (default task-26) UT005023: Exception handling
request to
/auth/admin/realms/affordabletours/sessions/f1e69f90-03fc-453d-a495-225bb0c429ab:
org.jboss.resteasy.spi.UnhandledException: java.lang.NoSuchMethodError:
org.apache.http.impl.client.HttpClientBuilder.setConnectionTimeToLive(JLjava/util/concurrent/TimeUnit;)Lorg/apache/http/impl/client/HttpClientBuilder;
at
org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76)
Are you using the standalone Keycloak server? Looking at javadocs for
httpclient setConnectionTimeToLive was added in 4.4. WildFly 10 uses
httpclient 4.5, so looks like for some reason you have an old version of
httpclient.
Best regards,
*AffordableTours.com* <
http://www.affordabletours.com/>
Firdos Ali
Senior Project Manager
11150 Cash Road
Stafford, TX 77477
Toll Free (800) 935-2620 X181
Direct (281) 269-2681
Fax (281) 269-2691
E-mail: ali(a)affordabletours.com
My Working Hours: Mon - Fri: 09:00AM - 05:00PM CST
*NOTICE: This e-mail message, including any attachments, is for the use of
the intended recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the recipient, please contact the sender by
reply e-mail and destroy all copies of the original message*
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user