Hi all, Can anybody help with this issue? Probably I miss something small. I do success to work with mod-auth-openidc and mitreid clients. Probably I miss something small and I really need your help. Best regards, Michael ________________________________ From: keycloak-user-bounces(a)lists.jboss.org <keycloak-user-bounces(a)lists.jboss.org&gt; on behalf of Michael Furman <michael_furman(a)hotmail.com&gt; Sent: Monday, November 7, 2016 4:49 PM To: keycloak-user(a)lists.jboss.org Subject: [keycloak-user] Can not authenticate user using Spring Security Adapter Hi, I will appreciate your help on the issue below. I try to configure Spring Security Adapter (version 2.3.0.Final): https://keycloak.gitbooks.io/securing-client-applications-guide/content/t... Spring Security Adapter | Securing Applications and ...<https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/spring-security-adapter.html> keycloak.gitbooks.io To secure an application with Spring Security and Keycloak, add this adapter as a dependency to your project. You then have to provide some extra beans in your Spring ... I suppose that Keycloak uses the static client registration since when I tries to connect without the client configuration in Keycloak I get the following: 16:15:43,174 WARN [org.keycloak.events] (default task-3) type=LOGIN_ERROR, realmId=master, clientId=st_1, userId=null, ipAddress=192.168.111.33, error=client_not_found Please note that I was able to connect to Keycloak using non Keycloak OIDC client using the following configuration: a) clientId b) clientSecret c) Scopes d) redirectUris Therefore I have configured the client at Keycloak using the same information. I am not sure what is "Valid Redirect URIs" and I have configured the following value: http://192.168.110.2:8081/app/sso/login Now client redirects to Keycloak IDP using this URL http://192.168.110.2:8080/auth/realms/master/protocol/openid-connect/auth... I authenticate the user and IDP returns URL back to the client using this URL: http://192.168.110.2:8081/app/sso/login?state=14%2F9a4376fa-06e2-4188-a61... Unfortunately then I have the endless loop. While I debug KeycloakAuthenticationProcessingFilter I see that AuthOutcome get value NOT_ATTEMPTED and it cause additional redirect to IDP. What I missed? I have opened the bug https://issues.jboss.org/browse/KEYCLOAK-3868 with attached json file and Spring Security configuration. Best regards, Michael _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user