1:52 a.m.
Hi Tom,
I'm also quite new to Keycloak and had some trouble setting it up in the
beginning.
That's why I wrote a small tutorial http://sebplorenz.blogspot.de/
Maybe it is of help for you.
Since you are not redirected to Keycloak at all, I would assume that either:
1. Your web resource is not listed in the <security-constraint> element in
web.xml or
2. Your <auth-method> is not set to Keycloak in web.xml or
3. Keycloak is not configured correctly in your standalone.xml server
configuration and therefore does not interrupt the access to the resource.
Good Luck. Sebastian
---------- Weitergeleitete Nachricht ----------
From: Thomas LaPorte <Thomas.LaPorte(a)dreamworks.com>
To: keycloak-user(a)lists.jboss.org
Cc:
Date: Tue, 31 Mar 2015 15:05:32 -0700
Subject: Re: [keycloak-user] Help troubleshooting config
Thanks to a list member for some debug setup help, I'm getting much more
information.
Now I can see (and confirm my suspicion), that something is not right and
my resource is unprotected.
For the example customer-portal app, I see that after the "callback-uri:
..." message, I get a "Sending redirect to login page:..." message.
For my app, it goes directly to "AuthenticatedActionsValve.invoke"
-- Tom
On Tue, Mar 31, 2015 at 2:49 PM, Guy Davis <guydavis.ca(a)gmail.com> wrote:
> Hi Thomas,
>
> To dial up logging, try adding this to your standalone.xml file in the
> logging subsystem and re-starting your Wildfly instance:
>
> <logger category="org.keycloak">
> <level name="DEBUG"/>
> </logger>
>
> Then, be sure you have the right configuration in your web.xml of your
> test WAR file. See the docs here
>
<http://docs.jboss.org/keycloak/docs/1.1.0.Final/userguide/html_single/#d4...
> for details.
>
> Hope this helps,
> Guy
>
>
> On Tue, Mar 31, 2015 at 3:30 PM, Thomas LaPorte <
> Thomas.LaPorte(a)dreamworks.com> wrote:
>
>> Apologies for cutting off by hitting send prematurely.
>>
>>
>>
>> On Tue, Mar 31, 2015 at 2:26 PM, Thomas LaPorte <
>> Thomas.LaPorte(a)dreamworks.com> wrote:
>>
>>> Greetings. I'm a first-time user of Keycloak, trying to set up a simple
>>> demonstration after the examples, however, I'm having 0% success in
getting
>>> my configuration correct enough such that my web resource is protected.
>>>
>>> I have reduced my setup all the way down to a basic
"HelloWorld.jsp" in
>>> a WAR file that is deployed into the standalone Wildfly server that is also
>>> hosting the Keycloak server.
>>>
>>> I am convinced that it is a configuration step being missed somewhere,
>>> as I can always access my URL without intervention from the Keycloak server.
>>>
>>> My WAR file consists of the following:
>>>
>>> 0 Tue Mar 31 14:20:20 PDT 2015 META-INF/
>>> 68 Tue Mar 31 14:20:20 PDT 2015 META-INF/MANIFEST.MF
>>> 0 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/
>>> 1584 Tue Mar 31 09:47:52 PDT 2015 WEB-INF/web.xml
>>> 491 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/keycloak.json
>>> 308 Tue Mar 31 14:20:18 PDT 2015 index.jsp
>>>
>>
>> I have added my application to the demo realm by copying the
>> customer-portal application stanza, and replacing the
"customer-portal"
>> with my app name:
>>
>> {
>> "name": "goalkeepers",
>> "enabled": true,
>> "adminUrl": "/goalkeepers",
>> "baseUrl": "/goalkeepers",
>> "redirectUris": [
>> "/goalkeepers/*"
>> ],
>> "secret": "password"
>> }
>>
>> At this stage I am just looking for suggestions on how best to
>> troubleshoot my configuration? What logging properties can I set to enable
>> more debugging? Or where else can I look for some clues as to the errors in
>> my configuration?
>>
>> I fear I am missing something extremely fundamental, but I can't for the
>> life of me see what it is.
>>
>> - Tom
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
1:58 a.m.
----- Original Message -----
From: "Sebastian Lorenz"
<sebastian.p.lorenz(a)gmail.com>
To: keycloak-user(a)lists.jboss.org
Sent: Wednesday, 1 April, 2015 8:52:25 AM
Subject: [keycloak-user] Fwd: Help troubleshooting config
Hi Tom,
I'm also quite new to Keycloak and had some trouble setting it up in the
beginning.
That's why I wrote a small tutorial http://sebplorenz.blogspot.de/
Maybe it is of help for you.
Since you are not redirected to Keycloak at all, I would assume that either:
1. Your web resource is not listed in the <security-constraint> element in
web.xml or
I'd say this is the problem - as 2 and 3 would result in errors not leaving the
resource unsecured
2. Your <auth-method> is not set to Keycloak in web.xml or
3. Keycloak is not configured correctly in your standalone.xml server
configuration and therefore does not interrupt the access to the resource.
Good Luck. Sebastian
---------- Weitergeleitete Nachricht ----------
From: Thomas LaPorte < Thomas.LaPorte(a)dreamworks.com >
To: keycloak-user(a)lists.jboss.org
Cc:
Date: Tue, 31 Mar 2015 15:05:32 -0700
Subject: Re: [keycloak-user] Help troubleshooting config
Thanks to a list member for some debug setup help, I'm getting much more
information.
Now I can see (and confirm my suspicion), that something is not right and my
resource is unprotected.
For the example customer-portal app, I see that after the "callback-uri: ..."
message, I get a "Sending redirect to login page:..." message.
For my app, it goes directly to "AuthenticatedActionsValve.invoke"
-- Tom
On Tue, Mar 31, 2015 at 2:49 PM, Guy Davis < guydavis.ca(a)gmail.com > wrote:
Hi Thomas,
To dial up logging, try adding this to your standalone.xml file in the
logging subsystem and re-starting your Wildfly instance:
<logger category="org.keycloak">
<level name="DEBUG"/>
</logger>
Then, be sure you have the right configuration in your web.xml of your test
WAR file. See the docs here for details.
Hope this helps,
Guy
On Tue, Mar 31, 2015 at 3:30 PM, Thomas LaPorte <
Thomas.LaPorte(a)dreamworks.com > wrote:
Apologies for cutting off by hitting send prematurely.
On Tue, Mar 31, 2015 at 2:26 PM, Thomas LaPorte <
Thomas.LaPorte(a)dreamworks.com > wrote:
Greetings. I'm a first-time user of Keycloak, trying to set up a simple
demonstration after the examples, however, I'm having 0% success in getting
my configuration correct enough such that my web resource is protected.
I have reduced my setup all the way down to a basic "HelloWorld.jsp" in a WAR
file that is deployed into the standalone Wildfly server that is also
hosting the Keycloak server.
I am convinced that it is a configuration step being missed somewhere, as I
can always access my URL without intervention from the Keycloak server.
My WAR file consists of the following:
0 Tue Mar 31 14:20:20 PDT 2015 META-INF/
68 Tue Mar 31 14:20:20 PDT 2015 META-INF/MANIFEST.MF
0 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/
1584 Tue Mar 31 09:47:52 PDT 2015 WEB-INF/web.xml
491 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/keycloak.json
308 Tue Mar 31 14:20:18 PDT 2015 index.jsp
I have added my application to the demo realm by copying the customer-portal
application stanza, and replacing the "customer-portal" with my app name:
{
"name": "goalkeepers",
"enabled": true,
"adminUrl": "/goalkeepers",
"baseUrl": "/goalkeepers",
"redirectUris": [
"/goalkeepers/*"
],
"secret": "password"
}
At this stage I am just looking for suggestions on how best to troubleshoot
my configuration? What logging properties can I set to enable more
debugging? Or where else can I look for some clues as to the errors in my
configuration?
I fear I am missing something extremely fundamental, but I can't for the life
of me see what it is.
- Tom
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
5:58 p.m.
New subject: Fwd: Help troubleshooting config
Thank you both, very much!
Pointing me at the web.xml was the final piece I needed. I spent some more
time trying to understand the bits and bobs in that file and finally
understood the URL paths of my sample app, and how they were (or were not,
in my case) being reflected in the web.xml.
I was even able to move my working configuration to a Tomcat server and
replicate my success there. Many thanks!!
On Tue, Mar 31, 2015 at 11:58 PM, Stian Thorgersen <stian(a)redhat.com> wrote:
----- Original Message -----
> From: "Sebastian Lorenz" <sebastian.p.lorenz(a)gmail.com>
> To: keycloak-user(a)lists.jboss.org
> Sent: Wednesday, 1 April, 2015 8:52:25 AM
> Subject: [keycloak-user] Fwd: Help troubleshooting config
>
> Hi Tom,
>
> I'm also quite new to Keycloak and had some trouble setting it up in the
> beginning.
> That's why I wrote a small tutorial http://sebplorenz.blogspot.de/
> Maybe it is of help for you.
>
> Since you are not redirected to Keycloak at all, I would assume that
either:
>
> 1. Your web resource is not listed in the <security-constraint> element
in
> web.xml or
I'd say this is the problem - as 2 and 3 would result in errors not
leaving the resource unsecured
> 2. Your <auth-method> is not set to Keycloak in web.xml or
> 3. Keycloak is not configured correctly in your standalone.xml server
> configuration and therefore does not interrupt the access to the
resource.
>
> Good Luck. Sebastian
>
>
>
> ---------- Weitergeleitete Nachricht ----------
> From: Thomas LaPorte < Thomas.LaPorte(a)dreamworks.com >
> To: keycloak-user(a)lists.jboss.org
> Cc:
> Date: Tue, 31 Mar 2015 15:05:32 -0700
> Subject: Re: [keycloak-user] Help troubleshooting config
> Thanks to a list member for some debug setup help, I'm getting much more
> information.
>
> Now I can see (and confirm my suspicion), that something is not right
and my
> resource is unprotected.
>
> For the example customer-portal app, I see that after the "callback-uri:
..."
> message, I get a "Sending redirect to login page:..." message.
>
> For my app, it goes directly to "AuthenticatedActionsValve.invoke"
>
> -- Tom
>
> On Tue, Mar 31, 2015 at 2:49 PM, Guy Davis < guydavis.ca(a)gmail.com >
wrote:
>
>
>
> Hi Thomas,
>
> To dial up logging, try adding this to your standalone.xml file in the
> logging subsystem and re-starting your Wildfly instance:
>
> <logger category="org.keycloak">
> <level name="DEBUG"/>
> </logger>
>
> Then, be sure you have the right configuration in your web.xml of your
test
> WAR file. See the docs here for details.
>
> Hope this helps,
> Guy
>
>
> On Tue, Mar 31, 2015 at 3:30 PM, Thomas LaPorte <
> Thomas.LaPorte(a)dreamworks.com > wrote:
>
>
>
> Apologies for cutting off by hitting send prematurely.
>
>
>
> On Tue, Mar 31, 2015 at 2:26 PM, Thomas LaPorte <
> Thomas.LaPorte(a)dreamworks.com > wrote:
>
>
>
> Greetings. I'm a first-time user of Keycloak, trying to set up a simple
> demonstration after the examples, however, I'm having 0% success in
getting
> my configuration correct enough such that my web resource is protected.
>
> I have reduced my setup all the way down to a basic "HelloWorld.jsp" in
a WAR
> file that is deployed into the standalone Wildfly server that is also
> hosting the Keycloak server.
>
> I am convinced that it is a configuration step being missed somewhere,
as I
> can always access my URL without intervention from the Keycloak server.
>
> My WAR file consists of the following:
>
> 0 Tue Mar 31 14:20:20 PDT 2015 META-INF/
> 68 Tue Mar 31 14:20:20 PDT 2015 META-INF/MANIFEST.MF
> 0 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/
> 1584 Tue Mar 31 09:47:52 PDT 2015 WEB-INF/web.xml
> 491 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/keycloak.json
> 308 Tue Mar 31 14:20:18 PDT 2015 index.jsp
>
> I have added my application to the demo realm by copying the
customer-portal
> application stanza, and replacing the "customer-portal" with my app name:
>
> {
> "name": "goalkeepers",
> "enabled": true,
> "adminUrl": "/goalkeepers",
> "baseUrl": "/goalkeepers",
> "redirectUris": [
> "/goalkeepers/*"
> ],
> "secret": "password"
> }
> At this stage I am just looking for suggestions on how best to
troubleshoot
> my configuration? What logging properties can I set to enable more
> debugging? Or where else can I look for some clues as to the errors in my
> configuration?
>
> I fear I am missing something extremely fundamental, but I can't for the
life
> of me see what it is.
>
> - Tom
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4030
days inactive
4030
days old
2 comments
3 participants
participants (3)
-
Sebastian Lorenz -
Stian Thorgersen -
Thomas LaPorte