[keycloak-user] Fwd: Help troubleshooting config
Thomas LaPorte
Thomas.LaPorte at dreamworks.com
Wed Apr 1 18:58:23 EDT 2015
Thank you both, very much!
Pointing me at the web.xml was the final piece I needed. I spent some more
time trying to understand the bits and bobs in that file and finally
understood the URL paths of my sample app, and how they were (or were not,
in my case) being reflected in the web.xml.
I was even able to move my working configuration to a Tomcat server and
replicate my success there. Many thanks!!
On Tue, Mar 31, 2015 at 11:58 PM, Stian Thorgersen <stian at redhat.com> wrote:
>
>
> ----- Original Message -----
> > From: "Sebastian Lorenz" <sebastian.p.lorenz at gmail.com>
> > To: keycloak-user at lists.jboss.org
> > Sent: Wednesday, 1 April, 2015 8:52:25 AM
> > Subject: [keycloak-user] Fwd: Help troubleshooting config
> >
> > Hi Tom,
> >
> > I'm also quite new to Keycloak and had some trouble setting it up in the
> > beginning.
> > That's why I wrote a small tutorial http://sebplorenz.blogspot.de/
> > Maybe it is of help for you.
> >
> > Since you are not redirected to Keycloak at all, I would assume that
> either:
> >
> > 1. Your web resource is not listed in the <security-constraint> element
> in
> > web.xml or
>
> I'd say this is the problem - as 2 and 3 would result in errors not
> leaving the resource unsecured
>
> > 2. Your <auth-method> is not set to Keycloak in web.xml or
> > 3. Keycloak is not configured correctly in your standalone.xml server
> > configuration and therefore does not interrupt the access to the
> resource.
> >
> > Good Luck. Sebastian
> >
> >
> >
> > ---------- Weitergeleitete Nachricht ----------
> > From: Thomas LaPorte < Thomas.LaPorte at dreamworks.com >
> > To: keycloak-user at lists.jboss.org
> > Cc:
> > Date: Tue, 31 Mar 2015 15:05:32 -0700
> > Subject: Re: [keycloak-user] Help troubleshooting config
> > Thanks to a list member for some debug setup help, I'm getting much more
> > information.
> >
> > Now I can see (and confirm my suspicion), that something is not right
> and my
> > resource is unprotected.
> >
> > For the example customer-portal app, I see that after the "callback-uri:
> ..."
> > message, I get a "Sending redirect to login page:..." message.
> >
> > For my app, it goes directly to "AuthenticatedActionsValve.invoke"
> >
> > -- Tom
> >
> > On Tue, Mar 31, 2015 at 2:49 PM, Guy Davis < guydavis.ca at gmail.com >
> wrote:
> >
> >
> >
> > Hi Thomas,
> >
> > To dial up logging, try adding this to your standalone.xml file in the
> > logging subsystem and re-starting your Wildfly instance:
> >
> > <logger category="org.keycloak">
> > <level name="DEBUG"/>
> > </logger>
> >
> > Then, be sure you have the right configuration in your web.xml of your
> test
> > WAR file. See the docs here for details.
> >
> > Hope this helps,
> > Guy
> >
> >
> > On Tue, Mar 31, 2015 at 3:30 PM, Thomas LaPorte <
> > Thomas.LaPorte at dreamworks.com > wrote:
> >
> >
> >
> > Apologies for cutting off by hitting send prematurely.
> >
> >
> >
> > On Tue, Mar 31, 2015 at 2:26 PM, Thomas LaPorte <
> > Thomas.LaPorte at dreamworks.com > wrote:
> >
> >
> >
> > Greetings. I'm a first-time user of Keycloak, trying to set up a simple
> > demonstration after the examples, however, I'm having 0% success in
> getting
> > my configuration correct enough such that my web resource is protected.
> >
> > I have reduced my setup all the way down to a basic "HelloWorld.jsp" in
> a WAR
> > file that is deployed into the standalone Wildfly server that is also
> > hosting the Keycloak server.
> >
> > I am convinced that it is a configuration step being missed somewhere,
> as I
> > can always access my URL without intervention from the Keycloak server.
> >
> > My WAR file consists of the following:
> >
> > 0 Tue Mar 31 14:20:20 PDT 2015 META-INF/
> > 68 Tue Mar 31 14:20:20 PDT 2015 META-INF/MANIFEST.MF
> > 0 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/
> > 1584 Tue Mar 31 09:47:52 PDT 2015 WEB-INF/web.xml
> > 491 Tue Mar 31 14:08:34 PDT 2015 WEB-INF/keycloak.json
> > 308 Tue Mar 31 14:20:18 PDT 2015 index.jsp
> >
> > I have added my application to the demo realm by copying the
> customer-portal
> > application stanza, and replacing the "customer-portal" with my app name:
> >
> > {
> > "name": "goalkeepers",
> > "enabled": true,
> > "adminUrl": "/goalkeepers",
> > "baseUrl": "/goalkeepers",
> > "redirectUris": [
> > "/goalkeepers/*"
> > ],
> > "secret": "password"
> > }
> > At this stage I am just looking for suggestions on how best to
> troubleshoot
> > my configuration? What logging properties can I set to enable more
> > debugging? Or where else can I look for some clues as to the errors in my
> > configuration?
> >
> > I fear I am missing something extremely fundamental, but I can't for the
> life
> > of me see what it is.
> >
> > - Tom
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150401/99bb217a/attachment.html
More information about the keycloak-user
mailing list