July 2015 - overlord-issues - Jboss List Archives

[JBoss JIRA] (ARTIF-748) Web UI: Refresh to /login when Keycloak token expires

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-748?page=com.atlassian.jira.plugin.... ] Brett Meyer updated ARTIF-748: ------------------------------ Fix Version/s: (was: 1.0.0.Beta3) > Web UI: Refresh to /login when Keycloak token expires > ----------------------------------------------------- > > Key: ARTIF-748 > URL: https://issues.jboss.org/browse/ARTIF-748 > Project: Artificer > Issue Type: Task > Reporter: Brett Meyer > Assignee: Brett Meyer > > If the token expires, the server spits out: > 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token > 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} > The next time the browser makes a call to the UI services, Errai reports an uncaught GWT exception. That call *must* be protected by Keycloak, in order for our Filter to pick up the KeycloakSecurityContext and create the bearer token. However, the GWT exception shows that the Keycloak *login page* is being served on the call, so Errai's JSON marshaller barfs on the HTML. > APIMan checks for a 401 response code and automatically refreshes the browser to combat this. However, I'm not sure if that's possible in this case. Our use of Errai's "Caller" pattern isn't kicking in for these errors (completely sidesteps the ErrorHandler), I'm guessing due to it being a lower level issue with the GWT marshaller. > Idea: Have a pure Javascript loop "ping" the UI services and check the response. -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-748) Web UI: Refresh to /login when Keycloak token expires

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-748?page=com.atlassian.jira.plugin.... ] Brett Meyer updated ARTIF-748: ------------------------------ Description: If the token expires, the server spits out: 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} The next time the browser makes a call to the UI services, Errai reports an uncaught GWT exception. That call *must* be protected by Keycloak, in order for our Filter to pick up the KeycloakSecurityContext and create the bearer token. However, the GWT exception shows that the Keycloak *login page* is being served on the call, so Errai's JSON marshaller barfs on the HTML. APIMan checks for a 401 response code and automatically refreshes the browser to combat this. However, I'm not sure if that's possible in this case. Our use of Errai's "Caller" pattern isn't kicking in for these errors (completely sidesteps the ErrorHandler), I'm guessing due to it being a lower level issue with the GWT marshaller. Idea: Have a pure Javascript loop "ping" the UI services and check the response. was: If the token expires, the server spits out: 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} The next time the browser makes a call to the UI services, Errai reports an uncaught GWT exception. That call *must* be protected by Keycloak, in order for our Filter to pick up the KeycloakSecurityContext and create the bearer token. However, the GWT exception shows that the Keycloak *login page* is being served on the call, so Errai's JSON marshaller barfs on the HTML. APIMan uses > Web UI: Refresh to /login when Keycloak token expires > ----------------------------------------------------- > > Key: ARTIF-748 > URL: https://issues.jboss.org/browse/ARTIF-748 > Project: Artificer > Issue Type: Task > Reporter: Brett Meyer > Assignee: Brett Meyer > Fix For: 1.0.0.Beta3 > > > If the token expires, the server spits out: > 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token > 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} > The next time the browser makes a call to the UI services, Errai reports an uncaught GWT exception. That call *must* be protected by Keycloak, in order for our Filter to pick up the KeycloakSecurityContext and create the bearer token. However, the GWT exception shows that the Keycloak *login page* is being served on the call, so Errai's JSON marshaller barfs on the HTML. > APIMan checks for a 401 response code and automatically refreshes the browser to combat this. However, I'm not sure if that's possible in this case. Our use of Errai's "Caller" pattern isn't kicking in for these errors (completely sidesteps the ErrorHandler), I'm guessing due to it being a lower level issue with the GWT marshaller. > Idea: Have a pure Javascript loop "ping" the UI services and check the response. -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-748) Web UI: Refresh to /login when Keycloak token expires

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-748?page=com.atlassian.jira.plugin.... ] Brett Meyer updated ARTIF-748: ------------------------------ Description: If the token expires, the server spits out: 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} The next time the browser makes a call to the UI services, Errai reports an uncaught GWT exception. That call *must* be protected by Keycloak, in order for our Filter to pick up the KeycloakSecurityContext and create the bearer token. However, the GWT exception shows that the Keycloak *login page* is being served on the call, so Errai's JSON marshaller barfs on the HTML. APIMan uses was: If the token expires, the server spits out: 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} Errai then reports an uncaught > Web UI: Refresh to /login when Keycloak token expires > ----------------------------------------------------- > > Key: ARTIF-748 > URL: https://issues.jboss.org/browse/ARTIF-748 > Project: Artificer > Issue Type: Task > Reporter: Brett Meyer > Assignee: Brett Meyer > Fix For: 1.0.0.Beta3 > > > If the token expires, the server spits out: > 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token > 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} > The next time the browser makes a call to the UI services, Errai reports an uncaught GWT exception. That call *must* be protected by Keycloak, in order for our Filter to pick up the KeycloakSecurityContext and create the bearer token. However, the GWT exception shows that the Keycloak *login page* is being served on the call, so Errai's JSON marshaller barfs on the HTML. > APIMan uses -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-748) Web UI: Refresh to /login when Keycloak token expires

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-748?page=com.atlassian.jira.plugin.... ] Brett Meyer updated ARTIF-748: ------------------------------ Description: If the token expires, the server spits out: 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} Errai then reports an uncaught was: Happens in a matter of minutes 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} > Web UI: Refresh to /login when Keycloak token expires > ----------------------------------------------------- > > Key: ARTIF-748 > URL: https://issues.jboss.org/browse/ARTIF-748 > Project: Artificer > Issue Type: Task > Reporter: Brett Meyer > Assignee: Brett Meyer > Fix For: 1.0.0.Beta3 > > > If the token expires, the server spits out: > 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token > 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} > Errai then reports an uncaught -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-748) Web UI: Refresh to /login when Keycloak token expires

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-748?page=com.atlassian.jira.plugin.... ] Brett Meyer updated ARTIF-748: ------------------------------ Summary: Web UI: Refresh to /login when Keycloak token expires (was: Keycloak's token expires really quickly) > Web UI: Refresh to /login when Keycloak token expires > ----------------------------------------------------- > > Key: ARTIF-748 > URL: https://issues.jboss.org/browse/ARTIF-748 > Project: Artificer > Issue Type: Task > Reporter: Brett Meyer > Assignee: Brett Meyer > Fix For: 1.0.0.Beta3 > > > Happens in a matter of minutes > 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token > 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-749) HibernateAuditor fails to handle property/classifier updates

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-749?page=com.atlassian.jira.plugin.... ] Brett Meyer resolved ARTIF-749. ------------------------------- Resolution: Done > HibernateAuditor fails to handle property/classifier updates > ------------------------------------------------------------ > > Key: ARTIF-749 > URL: https://issues.jboss.org/browse/ARTIF-749 > Project: Artificer > Issue Type: Bug > Affects Versions: 1.0.0.Beta2 > Reporter: Brett Meyer > Assignee: Brett Meyer > Fix For: 1.0.0.Beta3 > > > When the original ArtificerArtifact is given to HibernateAuditor, it incorrectly uses the actual collection references as its snapshot. When these are changed, the references change as well, so the diff doesn't see the modifications. -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-749) HibernateAuditor fails to handle property/classifier updates

by Brett Meyer (JIRA)

Brett Meyer created ARTIF-749: --------------------------------- Summary: HibernateAuditor fails to handle property/classifier updates Key: ARTIF-749 URL: https://issues.jboss.org/browse/ARTIF-749 Project: Artificer Issue Type: Bug Affects Versions: 1.0.0.Beta2 Reporter: Brett Meyer Assignee: Brett Meyer Fix For: 1.0.0.Beta3 When the original ArtificerArtifact is given to HibernateAuditor, it incorrectly uses the actual collection references as its snapshot. When these are changed, the references change as well, so the diff doesn't see the modifications. -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-743) CLI audit:showAuditTrail returns nothing, even after updateMetaData

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-743?page=com.atlassian.jira.plugin.... ] Brett Meyer deleted ARTIF-743: ------------------------------ > CLI audit:showAuditTrail returns nothing, even after updateMetaData > ------------------------------------------------------------------- > > Key: ARTIF-743 > URL: https://issues.jboss.org/browse/ARTIF-743 > Project: Artificer > Issue Type: Bug > Reporter: Brett Meyer > Assignee: Brett Meyer > -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-747) CLI: StatusCommand missing i18n values

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/ARTIF-747?page=com.atlassian.jira.plugin.... ] Brett Meyer resolved ARTIF-747. ------------------------------- Resolution: Done > CLI: StatusCommand missing i18n values > -------------------------------------- > > Key: ARTIF-747 > URL: https://issues.jboss.org/browse/ARTIF-747 > Project: Artificer > Issue Type: Bug > Reporter: Brett Meyer > Assignee: Brett Meyer > Fix For: 1.0.0.Beta3 > > > artificer> status > Artificer Connection: http://localhost:8080/artificer-server > Artificer Artifact: wsrm-1.1-wsdl-200702e1.wsdl WsdlDocument > !!Status.Status6!! -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ARTIF-748) Keycloak's token expires really quickly

by Brett Meyer (JIRA)

Brett Meyer created ARTIF-748: --------------------------------- Summary: Keycloak's token expires really quickly Key: ARTIF-748 URL: https://issues.jboss.org/browse/ARTIF-748 Project: Artificer Issue Type: Task Reporter: Brett Meyer Assignee: Brett Meyer Fix For: 1.0.0.Beta3 Happens in a matter of minutes 14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR, realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null, ipAddress=127.0.0.1, error=invalid_token 14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default task-37) Refresh token failure status: 400 {"error_description":"Refresh token expired","error":"invalid_grant"} -- This message was sent by Atlassian JIRA (v6.3.15#6346)

8 years, 11 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

overlord-issues July 2015