[keycloak-user] Error on application log in

Stan Silvert ssilvert at redhat.com
Wed Nov 19 12:28:27 EST 2014

Have you tried it using the two servers but without SSL?

You can set ssl-required to "none" on the adapter (application) side.  
Also on the Keycloak server side, try setting Access Type to "public".  
Do one of those at a time and see if either causes it to work.  That 
might narrow it down a bit.

On 11/19/2014 11:29 AM, Fabián Silva wrote:
> Hi,
> I'm running out of ideas in here. In simple terms I got a Wildfly 
> running on domain on a server and a keycloak on another server. I set 
> the adapters on my wildfly and deploy, to this wildfly, a web app that 
> uses keycloak. When I try to access the web app it displays the 
> keycloak login, it validates the users ok, but when you access with a 
> correct user and password it shows the "403 - Forbidden". At first I 
> thought it was some issue with the roles, but that didn't fix it.
> Regards
> On Fri, Nov 14, 2014 at 10:20 AM, Fabián Silva <afsg77 at gmail.com 
> <mailto:afsg77 at gmail.com>> wrote:
>     Hi,
>     It is already set to use the absolute path. And the keycloak is
>     working when I deploy the application to my local wildfly domain.
>     The issue is when I try to deploy to another wildfly in domain
>     mode on a separate server. The application is the same and the
>     only difference I can tell from the two wildflys is that the local
>     don't have the SSL/HTTPS enabled. I have the keycloak adapter set
>     in both domains.
>     I'm trying to trace those errors on the keycloak code to try to
>     understand what is happening, but I haven't been so lucky with this.
>     Regards
>     Alejandro Fabián Silva Grifé
>     On Fri, Nov 14, 2014 at 2:27 AM, Marek Posolda
>     <mposolda at redhat.com <mailto:mposolda at redhat.com>> wrote:
>         Hi,
>         it failed on the adapter (application) side and error 404
>         means "Not found". So adapter can't find the keycloak server
>         to turn code into token. Make sure to configure
>         "auth-server-url" in keycloak.json for your application
>         properly. If relative uri doesn't work for some reason, you
>         can rather try to use absolute uri for auth-server-url like
>         "https://localhost:8443/auth" <https://localhost:8443/auth> .
>         Marek
>         On 14.11.2014 01:31, Fabián Silva wrote:
>>         I have a keycloak installed on wildfly standalone. I'm trying
>>         to deploy an application, that use this keycloak, on a
>>         separate server with wilflly running on domain mode. I tried
>>         first to deploy on a domain out of the box on my local
>>         machine, setting the
>>         keycloak-wildfly-adapter-dist-1.0.4.Final. It deploys fine
>>         and does the authentication without any issues. When I try to
>>         migrate it to the server running my wilfly (also in domain
>>         mode and the keycloak adapter set), it deploys fine and shows
>>         the keycloak login once you enter the application. But the
>>         problem is that when you login it displays a "403 -
>>         Forbidden" and on the log I'm seeing
>>         ERROR [org.keycloak.adapters.OAuthRequestAuthenticator]
>>         (default task-6) failed to turn code into token
>>         ERROR [org.keycloak.adapters.OAuthRequestAuthenticator]
>>         (default task-6) status from server: 404
>>         The only difference between those two wildfly domain mode is
>>         that in the local I don't have the the SSL/HTTPS enabled.
>>         Have anyone seen this error? or have an idea of what this
>>         could be?
>>         Regards
>>         _______________________________________________
>>         keycloak-user mailing list
>>         keycloak-user at lists.jboss.org  <mailto:keycloak-user at lists.jboss.org>
>>         https://lists.jboss.org/mailman/listinfo/keycloak-user
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141119/d51a54e7/attachment.html 

More information about the keycloak-user mailing list