[keycloak-user] Spring Adaptor Integration
Doug Szeto
DSzeto at investlab.com
Wed Aug 26 02:30:07 EDT 2015
Hi,
I'm integration keycloak with a Spring project and using your provided spring adaptor with a bearer only rest api.
The documentation is enough to get things working with bearer token validation.
But it is lacking documentation on a few things, may be others have experience with it.
1. When the bearer token is invalid, the logs are spammed with stack traces (as posted below). How do you manage log levels?
2. Can I insert custom code on bad tokens in order to integrate with monitoring? How do others deal with this situation?
Thanks,
-Doug
[ERROR] org.keycloak.adapters.BearerTokenRequestAuthenticator - Failed to verify token
org.keycloak.VerificationException: Token is not active.
at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:46) ~[keycloak-core-1.4.0.Final.jar:1.4.0.Final]
at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:16) ~[keycloak-core-1.4.0.Final.jar:1.4.0.Final]
at org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:67) ~[keycloak-adapter-core-1.4.0.Final.jar:1.4.0.Final]
at org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:62) ~[keycloak-adapter-core-1.4.0.Final.jar:1.4.0.Final]
at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:45) ~[keycloak-adapter-core-1.4.0.Final.jar:1.4.0.Final]
at org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter.attemptAuthentication(KeycloakAuthenticationProcessingFilter.java:116) ~[keycloak-spring-security-adapter-1.4.0.Final.jar:1.4.0.Final]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211) ~[spring-security-web-3.2.7.RELEASE.jar:3.2.7.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.7.RELEASE.jar:3.2.7.RELEASE]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) [spring-security-web-3.2.7.RELEASE.jar:3.2.7.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.7.RELEASE.jar:3.2.7.RELEASE]
at org.keycloak.adapters.springsecurity.filter.KeycloakPreAuthActionsFilter.doFilter(KeycloakPreAuthActionsFilter.java:75) [keycloak-spring-security-adapter-1.4.0.Final.jar:1.4.0.Final]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.7.RELEASE.jar:3.2.7.RELEASE]
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:85) [spring-security-web-3.2.7.RELEASE.jar:3.2.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.1.7.RELEASE.jar:4.1.7.RELEASE]
...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150826/b5edbadd/attachment.html
More information about the keycloak-user
mailing list