;, dropping
"googleapps"
On 26 November 2015 at 09:10, Thomas Schweizer-Bolzonello <
thomas(a)schweizer.fr> wrote:
Hello Stian,
Blank page with a 404
I removed /auth because I redeployed Keycloak on root context with this :
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
I tried to create a new realm but same problem : blank page + 404
Full error in log is here :
https://gist.github.com/ThomasSchweizer/a1ce825bd245d5261250
Thomas
2015-11-26 8:42 GMT+01:00 Stian Thorgersen <sthorger(a)redhat.com>:
> Blank page with a 403?
>
> The URL is missing '/auth/'. Unless you've changed the context-path
Keycloak
> is deployed to the url should be
>
https://xyz/auth/realms/myrealmname/protocol/saml/googleapps
>
> On 25 November 2015 at 23:33, Thomas Schweizer-Bolzonello
> <thomas(a)schweizer.fr> wrote:
>>
>> Hello Marek,
>>
>> Thanks for pointing me on this ressource. Very useful.
>> I'm now on these settings :
>>
>> Client ID : googleapps
>> Name : My Test Saml
>> Enabled : On
>> Include AuthnStatement : On
>> Sign Assertions : On (RSA_SHA256, EXCLUSIVE)
>> Client Signature Required : On
>> Name ID Format : email
>> IDP Initiated SSO URL Name : googleapps
>> ==
>> Assertion Consumer Service Redirect Binding URL :
>>
https://www.google.com/a/mydomain.com/acs
>>
>> When I'm accessing (manually or set via Google Admin console in SSO
>> settings) the following URL :
>>
https://xyz/realms/myrealmname/protocol/saml/googleapps .. i'm facing
>> a totally blank page
>>
>> Error in Wildfly log :
>> 23:25:04,136 WARN [org.jboss.resteasy.core.ExceptionHandler] (default
>> task-107) failed to execute: javax.ws.rs.NotFoundException: Could not
>> find resource for full path:
>>
https://xyz/realms/myrealmname/protocol/saml/googleapps
>>
>> Any idea ?
>>
>> Thanks
>>
>> Best regards,
>> Thomas
>>
>> 2015-11-25 11:51 GMT+01:00 Marek Posolda <mposolda(a)redhat.com>:
>> > Longer time ago, I did the integration of picketlink with Google Apps,
>> > which
>> > is documented here:
>> >
>> >
https://docs.jboss.org/author/display/PLINK/Picketlink+as+IDP,+Google+App...
>> > . Some steps might be outdated, but hopefully most of them is still
>> > applicable and can be (maybe with some tweaks) applied for Keycloak as
>> > well.
>> > Especially the part for configuring on Google side. I did not tried in
>> > practice with Keycloak yet, but I think that you may want to:
>> > - Use clientId like "google.com/a/yourdomain.com" for your
client
where
>> >
yourdomain.com is your Google-Apps domain
>> > - Select "Sign assertions" so google-apps will verify the
signature on
>> > assertion with the realm key you uploaded
>> >
>> > Other options might be kept default probably (not sure at 100% as I
>> > didn't
>> > try it myself yet)
>> >
>> > Marek
>> >
>> >
>> > On 25/11/15 10:42, Thomas Schweizer-Bolzonello wrote:
>> >
>> > Hello,
>> > Does someone have documentation on how to implement Keycloak with
Google
>> > Apps ?
>> > I tried to implement a SAML client in a Keycloak realm but I'm lost
>> > with settings when creating one.
>> >
>> > Tried to use the official documentation and to search on the web but
>> > to no avail.
>> >
>> > If someone could point me to what settings to use in the SAML client I
>> > created, it would be great.
>> > I already took the key generated for the realm and uploaded it to
Google
>> > Apps.
>> >
>> > Best regards,
>> > Thomas
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user(a)lists.jboss.org
>> >
https://lists.jboss.org/mailman/listinfo/keycloak-user
>> >
>> >
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>