Hello Dimtry ,
Have you checked the doc which 24 pages and I have attached to my previous
email ?
Keycloa-user lists can not able to post as its large .
Is your email id can able to get that big file ?
Thanks.
On Sun, Jul 22, 2018 at 10:50 PM vandana thota <vandana0242(a)gmail.com>
wrote:
as for you, from which transaction depicted in the diagram did the
error arise?
PFA ( 23rd and 24th page )
- there should have been a stack trace after "invalidRequestMessage",
could you please share it?
We could see keycloak logs as below
14:10:39,362 WARN [org.hibernate.dialect.H2Dialect] (ServerService Thread
Pool -- 47) HHH000431: Unable to determine H2 database version, certain
features m work
14:11:30,567 WARN [org.keycloak.events] (default task-1)
type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=master, clientId=null,
userId=null, ipAddress=10.9.7.2,=invalidRequestMessage
14:11:30,568 ERROR [org.keycloak.services.resources.IdentityBrokerService]
(default task-1) invalidRequestMessage
14:11:51,668 WARN [org.keycloak.events] (default task-2)
type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=master, clientId=null,
userId=null, ipAddress=10.9.7.2,=invalidRequestMessage
14:11:51,669 ERROR [org.keycloak.services.resources.IdentityBrokerService]
(default task-2) invalidRequestMessage
- what was the SAML payload of the request that lead to an error? You
can obtain it from F12 -> Network in your browser (but don't forget to
scrub any sensitive data)
I did not understand what is SAML payload .we are using SAML 2.0 standrd.
What is F12 .
So far we did not configure any load balancer yet
On Sun, Jul 22, 2018 at 11:10 PM Dmitry Telegin <dt(a)acutus.pro> wrote:
> Hi Vandana,
>
> Excellent diagram! However I'm afraid we'll need some additional info:
> - as for you, from which transaction depicted in the diagram did the
> error arise?
> - there should have been a stack trace after "invalidRequestMessage",
> could you please share it?
> - what was the SAML payload of the request that lead to an error? You
> can obtain it from F12 -> Network in your browser (but don't forget to
> scrub any sensitive data)
>
> Cheers,
> Dmitry Telegin
> CTO, Acutus s.r.o.
> Keycloak Consulting and Training
>
> Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
> +42 (022) 888-30-71
> E-mail: info(a)acutus.pro
>
> On Fri, 2018-07-20 at 15:44 -0500, vandana thota wrote:
> > ERROR [org.keycloak.services.resources.IdentityBrokerService]
> > (default
> > task-25) invalidRequestMessage
> >
> > We are configuring the Single sign on for the application deployed on
> > the
> > Wildfly instance by having keycloak , external IDP , SAML 2.0
> > standards
> > .Below is the flow .
> >
> > There was an error at the flow while we are trying this flow . PFA It
> > has
> > pictorial representation of the flow .
> > Wildfly app or servlet container -> (SP) SAML request to IdP ->
> > Keycloak ->
> > (identify Okta IdP... may or may not need a username) -> (SP SAML
> > Request
> > to Okta) -> Okta IdP (May or may not need user to login depends on if
> > they
> > have an active okta session or not) -> IdP SAML Response -> Keycloak
> > -> IdP
> > SAML Response Wildfly app / servlet container
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user(a)lists.jboss.org
> >
https://lists.jboss.org/mailman/listinfo/keycloak-user
>