7:32 a.m.
Hi
I tried sending another mail containing a fiddler log but it bounced for some reason.
Anyway,
I have configured the filter on weblogic 12.2.1.3 as follows:
<filter>
<filter-name>Keycloak Filter</filter-name>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
<init-param>
<param-name>keycloak.config.skipPattern</param-name>
<param-value>^(example1|example2|whatever).*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Keycloak Filter</filter-name>
<url-pattern>/keycloak/*</url-pattern>
<url-pattern>/*</url-pattern>
</filter-mapping>
My keycloak.json is located in /WEB-INF/
{
"realm": "Toyota Development",
"auth-server-url": "http://localhost:18080/auth",
"ssl-required": "external",
"resource": "dummyWeb",
"credentials": {
"secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
},
"confidential-port": 0
}
Client config:
Root URL: http://dev.toyota.no:7002/DummyWeb/
Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
Base URL: http://dev.toyota.no:7002/DummyWeb/
Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
Web Origins: http://localhost:8080 (keycloak server) http://dev.toyota.no.no:7002
Looks like I am getting authenticated but browser is stuck in an infinite loop. If I close
the browser and try the same URL again it will go into a loop again unless I clear
sessions from the keycloak admin console.
You can see the fiddler log or log as text here:
https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRxVVW?...
If someone could please have a look at it I would be super happy!
Thanks!
--
Thomas Isaksen
2:38 a.m.
Not sure it's related, just noticed some inconsistency. The
"auth-server-url" in keycloak.json points to "localhost:18080" but web
porigin "localhost:8080" . Couldn't it be that?
Marek
On 22/01/18 14:32, Thomas Isaksen wrote:
Hi
I tried sending another mail containing a fiddler log but it bounced for some reason.
Anyway,
I have configured the filter on weblogic 12.2.1.3 as follows:
<filter>
<filter-name>Keycloak Filter</filter-name>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
<init-param>
<param-name>keycloak.config.skipPattern</param-name>
<param-value>^(example1|example2|whatever).*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Keycloak Filter</filter-name>
<url-pattern>/keycloak/*</url-pattern>
<url-pattern>/*</url-pattern>
</filter-mapping>
My keycloak.json is located in /WEB-INF/
{
"realm": "Toyota Development",
"auth-server-url": "http://localhost:18080/auth",
"ssl-required": "external",
"resource": "dummyWeb",
"credentials": {
"secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
},
"confidential-port": 0
}
Client config:
Root URL: http://dev.toyota.no:7002/DummyWeb/
Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
Base URL: http://dev.toyota.no:7002/DummyWeb/
Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
Web Origins: http://localhost:8080 (keycloak server) http://dev.toyota.no.no:7002
Looks like I am getting authenticated but browser is stuck in an infinite loop. If I
close the browser and try the same URL again it will go into a loop again unless I clear
sessions from the keycloak admin console.
You can see the fiddler log or log as text here:
https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRxVVW?...
If someone could please have a look at it I would be super happy!
Thanks!
--
Thomas Isaksen
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3:07 a.m.
Hi
I changed the port to 18080 because I have another WildFly instance running on port 8080.
I noticed now that I had used 8080 for the Web Origins settings and I have changed that
but to no avail.
./t
-----Original Message-----
From: Marek Posolda [mailto:mposolda@redhat.com]
Sent: tirsdag 23. januar 2018 09.38
To: Thomas Isaksen <thomas.isaksen(a)sysco.no>; keycloak-user(a)lists.jboss.org
Subject: Re: [keycloak-user] KeycloakOIDCFilter infinite loop after authentication
Not sure it's related, just noticed some inconsistency. The
"auth-server-url" in keycloak.json points to "localhost:18080" but web
porigin "localhost:8080" . Couldn't it be that?
Marek
On 22/01/18 14:32, Thomas Isaksen wrote:
Hi
I tried sending another mail containing a fiddler log but it bounced
for some reason. Anyway,
I have configured the filter on weblogic 12.2.1.3 as follows:
<filter>
<filter-name>Keycloak Filter</filter-name>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
<init-param>
<param-name>keycloak.config.skipPattern</param-name>
<param-value>^(example1|example2|whatever).*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Keycloak Filter</filter-name>
<url-pattern>/keycloak/*</url-pattern>
<url-pattern>/*</url-pattern>
</filter-mapping>
My keycloak.json is located in /WEB-INF/
{
"realm": "Toyota Development",
"auth-server-url": "http://localhost:18080/auth",
"ssl-required": "external",
"resource": "dummyWeb",
"credentials": {
"secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
},
"confidential-port": 0
}
Client config:
Root URL: http://dev.toyota.no:7002/DummyWeb/
Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
Base URL: http://dev.toyota.no:7002/DummyWeb/
Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
Web Origins: http://localhost:8080 (keycloak server)
http://dev.toyota.no.no:7002
Looks like I am getting authenticated but browser is stuck in an infinite loop. If I
close the browser and try the same URL again it will go into a loop again unless I clear
sessions from the keycloak admin console.
You can see the fiddler log or log as text here:
https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRxV
VW?usp=sharing
If someone could please have a look at it I would be super happy!
Thanks!
--
Thomas Isaksen
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
8:18 a.m.
New subject: KeycloakOIDCFilter infinite loop after authentication
Anyone? This is the only thing stopping me from throwing out Oracle Access Manager. I need
this to work :-)
./t
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org]
On Behalf Of Thomas Isaksen
Sent: mandag 22. januar 2018 14.32
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] KeycloakOIDCFilter infinite loop after authentication
[This sender failed our fraud detection checks and may not be who they appear to be. Learn
about spoofing at http://aka.ms/LearnAboutSpoofing]
Hi
I tried sending another mail containing a fiddler log but it bounced for some reason.
Anyway,
I have configured the filter on weblogic 12.2.1.3 as follows:
<filter>
<filter-name>Keycloak Filter</filter-name>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
<init-param>
<param-name>keycloak.config.skipPattern</param-name>
<param-value>^(example1|example2|whatever).*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Keycloak Filter</filter-name>
<url-pattern>/keycloak/*</url-pattern>
<url-pattern>/*</url-pattern>
</filter-mapping>
My keycloak.json is located in /WEB-INF/
{
"realm": "Toyota Development",
"auth-server-url": "http://localhost:18080/auth",
"ssl-required": "external",
"resource": "dummyWeb",
"credentials": {
"secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
},
"confidential-port": 0
}
Client config:
Root URL: http://dev.toyota.no:7002/DummyWeb/
Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
Base URL: http://dev.toyota.no:7002/DummyWeb/
Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
Web Origins: http://localhost:8080 (keycloak server) http://dev.toyota.no.no:7002
Looks like I am getting authenticated but browser is stuck in an infinite loop. If I close
the browser and try the same URL again it will go into a loop again unless I clear
sessions from the keycloak admin console.
You can see the fiddler log or log as text here:
https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRxVVW?...
If someone could please have a look at it I would be super happy!
Thanks!
--
Thomas Isaksen
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
9:10 a.m.
Just to be sure: Did you perhaps set your browser to not accept
3rd-party-cookies? Cost me half a morning once to figure out the reason
for an infinite loop...
On 01/23/2018 03:18 PM, Thomas Isaksen wrote:
Anyone? This is the only thing stopping me from throwing out Oracle
Access Manager. I need this to work :-)
./t
-----Original Message-----
From: keycloak-user-bounces(a)lists.jboss.org
[mailto:keycloak-user-bounces@lists.jboss.org] On Behalf Of Thomas Isaksen
Sent: mandag 22. januar 2018 14.32
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] KeycloakOIDCFilter infinite loop after authentication
[This sender failed our fraud detection checks and may not be who they appear to be.
Learn about spoofing at http://aka.ms/LearnAboutSpoofing]
Hi
I tried sending another mail containing a fiddler log but it bounced for some reason.
Anyway,
I have configured the filter on weblogic 12.2.1.3 as follows:
<filter>
<filter-name>Keycloak Filter</filter-name>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
<init-param>
<param-name>keycloak.config.skipPattern</param-name>
<param-value>^(example1|example2|whatever).*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Keycloak Filter</filter-name>
<url-pattern>/keycloak/*</url-pattern>
<url-pattern>/*</url-pattern>
</filter-mapping>
My keycloak.json is located in /WEB-INF/
{
"realm": "Toyota Development",
"auth-server-url": "http://localhost:18080/auth",
"ssl-required": "external",
"resource": "dummyWeb",
"credentials": {
"secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
},
"confidential-port": 0
}
Client config:
Root URL: http://dev.toyota.no:7002/DummyWeb/
Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
Base URL: http://dev.toyota.no:7002/DummyWeb/
Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
Web Origins: http://localhost:8080 (keycloak server) http://dev.toyota.no.no:7002
Looks like I am getting authenticated but browser is stuck in an infinite loop. If I
close the browser and try the same URL again it will go into a loop again unless I clear
sessions from the keycloak admin console.
You can see the fiddler log or log as text here:
https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRxVVW?...
If someone could please have a look at it I would be super happy!
Thanks!
--
Thomas Isaksen
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
9:29 a.m.
Just to check...are u sure that filter mapping isn’t causes that loop :)
.t
Sent from my iPhone
On 23 Jan 2018, at 17.10, BlackBellamy <blackbellamy(a)posteo.de>
wrote:
Just to be sure: Did you perhaps set your browser to not accept
3rd-party-cookies? Cost me half a morning once to figure out the reason
for an infinite loop...
> On 01/23/2018 03:18 PM, Thomas Isaksen wrote:
> Anyone? This is the only thing stopping me from throwing out Oracle Access Manager. I
need this to work :-)
>
> ./t
>
> -----Original Message-----
> From: keycloak-user-bounces(a)lists.jboss.org
[mailto:keycloak-user-bounces@lists.jboss.org] On Behalf Of Thomas Isaksen
> Sent: mandag 22. januar 2018 14.32
> To: keycloak-user(a)lists.jboss.org
> Subject: [keycloak-user] KeycloakOIDCFilter infinite loop after authentication
>
> [This sender failed our fraud detection checks and may not be who they appear to be.
Learn about spoofing at http://aka.ms/LearnAboutSpoofing]
>
> Hi
>
> I tried sending another mail containing a fiddler log but it bounced for some reason.
Anyway,
>
> I have configured the filter on weblogic 12.2.1.3 as follows:
>
> <filter>
> <filter-name>Keycloak Filter</filter-name>
>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
> <init-param>
> <param-name>keycloak.config.skipPattern</param-name>
> <param-value>^(example1|example2|whatever).*</param-value>
> </init-param>
> </filter>
> <filter-mapping>
> <filter-name>Keycloak Filter</filter-name>
> <url-pattern>/keycloak/*</url-pattern>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> My keycloak.json is located in /WEB-INF/
>
> {
> "realm": "Toyota Development",
> "auth-server-url": "http://localhost:18080/auth",
> "ssl-required": "external",
> "resource": "dummyWeb",
> "credentials": {
> "secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
> },
> "confidential-port": 0
> }
>
> Client config:
>
> Root URL: http://dev.toyota.no:7002/DummyWeb/
> Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
> Base URL: http://dev.toyota.no:7002/DummyWeb/
> Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
> Web Origins: http://localhost:8080 (keycloak server) http://dev.toyota.no.no:7002
>
>
> Looks like I am getting authenticated but browser is stuck in an infinite loop. If I
close the browser and try the same URL again it will go into a loop again unless I clear
sessions from the keycloak admin console.
>
> You can see the fiddler log or log as text here:
> https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRxVVW?...
>
> If someone could please have a look at it I would be super happy!
> Thanks!
>
> --
> Thomas Isaksen
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
1:46 a.m.
I changed my filter to /secret/index.html but it's still looping the redirect. I also
checked that 3rd party cookies are allowed.
I don't know what else to try.
./t
-----Original Message-----
From: Tero Ahonen [mailto:tahonen@redhat.com]
Sent: tirsdag 23. januar 2018 16.30
To: BlackBellamy <blackbellamy(a)posteo.de>
Cc: Thomas Isaksen <thomas.isaksen(a)sysco.no>; keycloak-user(a)lists.jboss.org
Subject: Re: [keycloak-user] KeycloakOIDCFilter infinite loop after authentication
Just to check...are u sure that filter mapping isn’t causes that loop :)
.t
Sent from my iPhone
On 23 Jan 2018, at 17.10, BlackBellamy <blackbellamy(a)posteo.de>
wrote:
Just to be sure: Did you perhaps set your browser to not accept
3rd-party-cookies? Cost me half a morning once to figure out the
reason for an infinite loop...
> On 01/23/2018 03:18 PM, Thomas Isaksen wrote:
> Anyone? This is the only thing stopping me from throwing out Oracle
> Access Manager. I need this to work :-)
>
> ./t
>
> -----Original Message-----
> From: keycloak-user-bounces(a)lists.jboss.org
> [mailto:keycloak-user-bounces@lists.jboss.org] On Behalf Of Thomas
> Isaksen
> Sent: mandag 22. januar 2018 14.32
> To: keycloak-user(a)lists.jboss.org
> Subject: [keycloak-user] KeycloakOIDCFilter infinite loop after
> authentication
>
> [This sender failed our fraud detection checks and may not be who
> they appear to be. Learn about spoofing at
> http://aka.ms/LearnAboutSpoofing]
>
> Hi
>
> I tried sending another mail containing a fiddler log but it bounced
> for some reason. Anyway,
>
> I have configured the filter on weblogic 12.2.1.3 as follows:
>
> <filter>
> <filter-name>Keycloak Filter</filter-name>
>
<filter-class>org.keycloak.adapters.servlet.KeycloakOIDCFilter</filter-class>
> <init-param>
> <param-name>keycloak.config.skipPattern</param-name>
> <param-value>^(example1|example2|whatever).*</param-value>
> </init-param>
> </filter>
> <filter-mapping>
> <filter-name>Keycloak Filter</filter-name>
> <url-pattern>/keycloak/*</url-pattern>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> My keycloak.json is located in /WEB-INF/
>
> {
> "realm": "Toyota Development",
> "auth-server-url": "http://localhost:18080/auth",
> "ssl-required": "external",
> "resource": "dummyWeb",
> "credentials": {
> "secret": "e9be44b7-394b-40d9-a8c0-203cdb9c450b"
> },
> "confidential-port": 0
> }
>
> Client config:
>
> Root URL: http://dev.toyota.no:7002/DummyWeb/
> Valid Redirect URIs: http://dev.toyota.no:7002/DummyWeb/*
> Base URL: http://dev.toyota.no:7002/DummyWeb/
> Admin URL: http://dev.toyota.no:7002/DummyWeb/keycloak
> Web Origins: http://localhost:8080 (keycloak server)
> http://dev.toyota.no.no:7002
>
>
> Looks like I am getting authenticated but browser is stuck in an infinite loop. If I
close the browser and try the same URL again it will go into a loop again unless I clear
sessions from the keycloak admin console.
>
> You can see the fiddler log or log as text here:
> https://drive.google.com/drive/folders/1HiwSEe0WBWny3BQCrmXKz3LdNXVRx
> VVW?usp=sharing
>
> If someone could please have a look at it I would be super happy!
> Thanks!
>
> --
> Thomas Isaksen
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2542
days inactive
2544
days old
6 comments
4 participants
participants (4)
-
BlackBellamy -
Marek Posolda -
Tero Ahonen -
Thomas Isaksen