[keycloak-user] Keycloak Adapter Error

Ben bensechrist at gmail.com
Fri May 9 17:42:57 EDT 2014


I am using Keycloak Beta 1 Snapshot as my SSO but when any user logs in it
gives a 403 forbidden and the error shown below. Any idea what went wrong?


ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-7)
failed to turn code into token: javax.net.ssl.SSLPeerUnverifiedException:
peer not authenticated

at sun.security.ssl.SSLSessionImpl.getPeerCertificates(
SSLSessionImpl.java:397) [jsse.jar:1.7.0_45]

at org.apache.http.conn.ssl.AbstractVerifier.verify(
AbstractVerifier.java:128)

at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(
SSLSocketFactory.java:572)

at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(
DefaultClientConnectionOperator.java:180)

at org.apache.http.impl.conn.AbstractPoolEntry.open(
AbstractPoolEntry.java:151)

at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(
AbstractPooledConnAdapter.java:125)

at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(
DefaultRequestDirector.java:640)

at org.apache.http.impl.client.DefaultRequestDirector.execute(
DefaultRequestDirector.java:479)

at org.apache.http.impl.client.AbstractHttpClient.execute(
AbstractHttpClient.java:906)

at org.apache.http.impl.client.AbstractHttpClient.execute(
AbstractHttpClient.java:805)

at org.apache.http.impl.client.AbstractHttpClient.execute(
AbstractHttpClient.java:784)

at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(
ServerRequest.java:78) [keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]

at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(
ServerRequest.java:55) [keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]

at org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode(
OAuthRequestAuthenticator.java:256)
[keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]

at org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(
OAuthRequestAuthenticator.java:205)
[keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]

at org.keycloak.adapters.RequestAuthenticator.authenticate(
RequestAuthenticator.java:59)
[keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]

at org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(
ServletKeycloakAuthMech.java:38)
[keycloak-undertow-adapter-1.0-beta-1-SNAPSHOT.jar:]

at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(
SecurityContextImpl.java:281) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(
SecurityContextImpl.java:298) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(
SecurityContextImpl.java:268) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(
SecurityContextImpl.java:131) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.security.impl.SecurityContextImpl.authTransition(
SecurityContextImpl.java:106) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.security.impl.SecurityContextImpl.authenticate(
SecurityContextImpl.java:99) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(
AuthenticationCallHandler.java:50)
[undertow-core-1.0.0.Final.jar:1.0.0.Final]

at
io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(
AuthenticationConstraintHandler.java:51)
[undertow-core-1.0.0.Final.jar:1.0.0.Final]

at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(
AbstractConfidentialityHandler.java:45)
[undertow-core-1.0.0.Final.jar:1.0.0.Final]

at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(
ServletConfidentialityConstraintHandler.java:61)
[undertow-servlet-1.0.0.Final.jar:1.0.0.Final]

at
io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(
ServletSecurityConstraintHandler.java:56)
[undertow-servlet-1.0.0.Final.jar:1.0.0.Final]

at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(
AuthenticationMechanismsHandler.java:58)
[undertow-core-1.0.0.Final.jar:1.0.0.Final]

at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(
CachedAuthenticatedSessionHandler.java:70)
[undertow-servlet-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(
SecurityInitialHandler.java:76) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.server.handlers.PredicateHandler.handleRequest(
PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(
JACCContextIdHandler.java:61)

at io.undertow.server.handlers.PredicateHandler.handleRequest(
PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(
ServletPreAuthActionsHandler.java:54)
[keycloak-undertow-adapter-1.0-beta-1-SNAPSHOT.jar:]

at io.undertow.server.handlers.PredicateHandler.handleRequest(
PredicateHandler.java:25) [undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(
ServletInitialHandler.java:240)
[undertow-servlet-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(
ServletInitialHandler.java:227)
[undertow-servlet-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.servlet.handlers.ServletInitialHandler.access$000(
ServletInitialHandler.java:73)
[undertow-servlet-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(
ServletInitialHandler.java:146)
[undertow-servlet-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168)
[undertow-core-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:687)
[undertow-core-1.0.0.Final.jar:1.0.0.Final]

at java.util.concurrent.ThreadPoolExecutor.runWorker(
ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_45]

at java.util.concurrent.ThreadPoolExecutor$Worker.run(
ThreadPoolExecutor.java:615) [rt.jar:1.7.0_45]

at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140509/a8c0fd72/attachment.html 


More information about the keycloak-user mailing list