[keycloak-user] Error on application log in
Stan Silvert
ssilvert at redhat.com
Wed Nov 19 12:28:27 EST 2014
Have you tried it using the two servers but without SSL?
You can set ssl-required to "none" on the adapter (application) side.
Also on the Keycloak server side, try setting Access Type to "public".
Do one of those at a time and see if either causes it to work. That
might narrow it down a bit.
On 11/19/2014 11:29 AM, Fabián Silva wrote:
> Hi,
> I'm running out of ideas in here. In simple terms I got a Wildfly
> running on domain on a server and a keycloak on another server. I set
> the adapters on my wildfly and deploy, to this wildfly, a web app that
> uses keycloak. When I try to access the web app it displays the
> keycloak login, it validates the users ok, but when you access with a
> correct user and password it shows the "403 - Forbidden". At first I
> thought it was some issue with the roles, but that didn't fix it.
>
> Regards
>
> On Fri, Nov 14, 2014 at 10:20 AM, Fabián Silva <afsg77 at gmail.com
> <mailto:afsg77 at gmail.com>> wrote:
>
> Hi,
> It is already set to use the absolute path. And the keycloak is
> working when I deploy the application to my local wildfly domain.
> The issue is when I try to deploy to another wildfly in domain
> mode on a separate server. The application is the same and the
> only difference I can tell from the two wildflys is that the local
> don't have the SSL/HTTPS enabled. I have the keycloak adapter set
> in both domains.
>
> I'm trying to trace those errors on the keycloak code to try to
> understand what is happening, but I haven't been so lucky with this.
>
> Regards
> Alejandro Fabián Silva Grifé
>
> On Fri, Nov 14, 2014 at 2:27 AM, Marek Posolda
> <mposolda at redhat.com <mailto:mposolda at redhat.com>> wrote:
>
> Hi,
>
> it failed on the adapter (application) side and error 404
> means "Not found". So adapter can't find the keycloak server
> to turn code into token. Make sure to configure
> "auth-server-url" in keycloak.json for your application
> properly. If relative uri doesn't work for some reason, you
> can rather try to use absolute uri for auth-server-url like
> "https://localhost:8443/auth" <https://localhost:8443/auth> .
>
> Marek
>
>
> On 14.11.2014 01:31, Fabián Silva wrote:
>> I have a keycloak installed on wildfly standalone. I'm trying
>> to deploy an application, that use this keycloak, on a
>> separate server with wilflly running on domain mode. I tried
>> first to deploy on a domain out of the box on my local
>> machine, setting the
>> keycloak-wildfly-adapter-dist-1.0.4.Final. It deploys fine
>> and does the authentication without any issues. When I try to
>> migrate it to the server running my wilfly (also in domain
>> mode and the keycloak adapter set), it deploys fine and shows
>> the keycloak login once you enter the application. But the
>> problem is that when you login it displays a "403 -
>> Forbidden" and on the log I'm seeing
>> ERROR [org.keycloak.adapters.OAuthRequestAuthenticator]
>> (default task-6) failed to turn code into token
>> ERROR [org.keycloak.adapters.OAuthRequestAuthenticator]
>> (default task-6) status from server: 404
>> The only difference between those two wildfly domain mode is
>> that in the local I don't have the the SSL/HTTPS enabled.
>>
>> Have anyone seen this error? or have an idea of what this
>> could be?
>>
>> Regards
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141119/d51a54e7/attachment.html
More information about the keycloak-user
mailing list