5:49 a.m.
Hi,
I have a new application - 'testapi' under a new realm - 'testrealm'.
This
application is to be used as an API. Its an *bearer only application*.
I have also made an *OAuth Client* to access this service.
I am using *iOS AeroGear* plugin in my project to connect to API service
with all the required creditionals like clientId, roles etc.
Version of Keycloak - *1.0-beta3*.
Version of Jboss - *JBoss AS 7.1.1*
Its hosted on *Amazon AWS*. (I tried the same in my local environment it
was working but when i have done the same on Amazon server, i am getting
this issue.)
Thanks for any help on this one.
Regards,
Arjit Agrawal
2:32 p.m.
New subject: HTTP 403 Forbidden while connecting to bearer only application
We'll need much more info here. How have you secured the app? Is it a WAR? Do you
require any roles for the resource you're invoking? Are you sending a bearer token
with the request? How do you get the request? Does the user have the required roles? Does
the client have the required scope?
----- Original Message -----
From: "Arjit Agrawal" <arjit.agrawal.07(a)gmail.com>
To: "keycloak-user" <keycloak-user(a)lists.jboss.org>
Sent: Thursday, 4 June, 2015 5:49:08 AM
Subject: [keycloak-user] HTTP 403 Forbidden while connecting to bearer only application
Hi,
I have a new application - 'testapi' under a new realm - 'testrealm'.
This
application is to be used as an API. Its an bearer only application .
I have also made an OAuth Client to access this service.
I am using iOS AeroGear plugin in my project to connect to API service with
all the required creditionals like clientId, roles etc.
Version of Keycloak - 1.0-beta3 .
Version of Jboss - JBoss AS 7.1.1
Its hosted on Amazon AWS . (I tried the same in my local environment it was
working but when i have done the same on Amazon server, i am getting this
issue.)
Thanks for any help on this one.
Regards,
Arjit Agrawal
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:17 p.m.
Hi,
I have the war file of service bearer only application in *jboss
deployments folder, *the auth-server.war for keycloak is also at the same
location.
Roles configured:-
[image: Inline image 1]
Here' my web.xml for service bearer only application:-
[image: Inline image 2]
Here's the setting for the bearer only application in keycloak
[image: Inline image 3]
User Role Mappings
[image: Inline image 1]
I am using REST services to fulfill the request. Here's a snippet of code:-
*KeycloakSecurityContext securityContext = (KeycloakSecurityContext)
httpRequest*
* .getAttribute(KeycloakSecurityContext.class.getName());*
*AccessToken accessToken = securityContext.getToken();*
OAuth Client Scope Mappings:-
[image: Inline image 2]
Please let me know, if any more information is required.
Regards,
Arjit Agrawal
On Thu, Jun 4, 2015 at 6:02 PM, Stian Thorgersen <stian(a)redhat.com> wrote:
We'll need much more info here. How have you secured the app? Is
it a WAR?
Do you require any roles for the resource you're invoking? Are you sending
a bearer token with the request? How do you get the request? Does the user
have the required roles? Does the client have the required scope?
----- Original Message -----
> From: "Arjit Agrawal" <arjit.agrawal.07(a)gmail.com>
> To: "keycloak-user" <keycloak-user(a)lists.jboss.org>
> Sent: Thursday, 4 June, 2015 5:49:08 AM
> Subject: [keycloak-user] HTTP 403 Forbidden while connecting to bearer
only application
>
> Hi,
>
> I have a new application - 'testapi' under a new realm -
'testrealm'.
This
> application is to be used as an API. Its an bearer only application .
>
> I have also made an OAuth Client to access this service.
>
> I am using iOS AeroGear plugin in my project to connect to API service
with
> all the required creditionals like clientId, roles etc.
>
> Version of Keycloak - 1.0-beta3 .
> Version of Jboss - JBoss AS 7.1.1
>
> Its hosted on Amazon AWS . (I tried the same in my local environment it
was
> working but when i have done the same on Amazon server, i am getting this
> issue.)
>
>
> Thanks for any help on this one.
>
> Regards,
> Arjit Agrawal
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Arjit Agrawal
AKGEC, Ghaziabad
4:29 p.m.
On 6/4/2015 10:17 AM, Arjit Agrawal wrote:
> Version of Keycloak - 1.0-beta3 .
> Version of Jboss - JBoss AS 7.1.1
>
I'm sorry. Too much has changed since Keycloak 1.0-beta3. You need to
upgrade. We also do not support running on JBoss AS 7.1.1 anymore.
Upgrade to JBoss EAP 6.x or Wildfly 8+
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
4:33 p.m.
I will update the version but please let me know, how to resolve this
first. I need to make it running.
On Thu, Jun 4, 2015 at 7:59 PM, Bill Burke <bburke(a)redhat.com> wrote:
On 6/4/2015 10:17 AM, Arjit Agrawal wrote:
> > Version of Keycloak - 1.0-beta3 .
> > Version of Jboss - JBoss AS 7.1.1
> >
I'm sorry. Too much has changed since Keycloak 1.0-beta3. You need to
upgrade. We also do not support running on JBoss AS 7.1.1 anymore.
Upgrade to JBoss EAP 6.x or Wildfly 8+
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Arjit Agrawal
AKGEC, Ghaziabad
8:43 p.m.
Hi,
I dont know it is realted but 403 errors can be related to cross domain
problems, does you keycloak.json is set to "auth-server-url": "
http://localhost:8080/auth" maybe try an external url or something like
that.
On Thu, Jun 4, 2015 at 9:33 AM, Arjit Agrawal <arjit.agrawal.07(a)gmail.com>
wrote:
I will update the version but please let me know, how to resolve
this
first. I need to make it running.
On Thu, Jun 4, 2015 at 7:59 PM, Bill Burke <bburke(a)redhat.com> wrote:
>
>
> On 6/4/2015 10:17 AM, Arjit Agrawal wrote:
> > > Version of Keycloak - 1.0-beta3 .
> > > Version of Jboss - JBoss AS 7.1.1
> > >
>
> I'm sorry. Too much has changed since Keycloak 1.0-beta3. You need to
> upgrade. We also do not support running on JBoss AS 7.1.1 anymore.
> Upgrade to JBoss EAP 6.x or Wildfly 8+
>
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Arjit Agrawal
AKGEC, Ghaziabad
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3517
days inactive
3517
days old
5 comments
4 participants
participants (4)
-
Arjit Agrawal -
Bill Burke -
Juan Diego -
Stian Thorgersen