[keycloak-user] keycloak proxy server

Chen Keong Yap chenkeong.yap at izeno.com
Mon Feb 23 23:25:17 EST 2015


i've already added ssl cert to java cacerts. do you have any ideas what
went wrong?



INFO: XNIO NIO Implementation Version 3.3.0.Final
Feb 24, 2015 12:23:54 PM org.keycloak.adapters.OAuthRequestAuthenticator
resolve
Code
ERROR: failed to turn code into token
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
        at
sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.ja
va:397)
        at
org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.jav
a:128)
        at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFact
ory.java:572)
        at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnect
ion(DefaultClientConnectionOperator.java:180)
        at
org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.ja
va:151)
        at
org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPool
edConnAdapter.java:125)
        at
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(Default
RequestDirector.java:640)
        at
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultReq
uestDirector.java:479)
        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl
ient.java:906)
        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl
ient.java:805)
        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl
ient.java:784)
        at
org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerReq
uest.java:122)
        at
org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerReq
uest.java:95)
        at
org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode(OAuthRequ
estAuthenticator.java:261)
        at
org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(OAuthReq
uestAuthenticator.java:208)
        at
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthen
ticator.java:90)

On Mon, Feb 23, 2015 at 6:31 PM, Chen Keong Yap <chenkeong.yap at izeno.com>
wrote:

> Just wondering is there any issues with the keycloak proxy. Step 4 and 5
> not happening
> On Feb 20, 2015 10:21 PM, "Schneider, John DODGE CONSULTING SERVICES, LLC"
> <John.Schneider at carrier.utc.com> wrote:
>
>>  Hi,
>>
>>
>>
>> I’m also experimenting with the proxy server.  Its working perfectly for
>> some target URL’s, but I’m getting 404 errors for other known-valid URL’s.
>> No idea if this is the root cause or not, but I think there’s a correlation
>> between target servers that serve virtual hosts and require either absolute
>> paths in the HTTP GET, or the Host header as defined in HTTP 1.1.  The
>> proxy seems to be fine whenever I can telnet to a server and receive a
>> successful GET response without specifying the host.
>>
>>
>>
>> Is there any way to trigger proxy  logging or more verbose output?  This
>> would be very useful for troubleshooting this and other foreseeable issues.
>>
>>
>>
>> Thanks,
>>
>> John
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>


-- 
Best Regards,

CK Yap
Technology Consultant

Tel: +65 6100 2788
Fax:+65 6233 9376

iZeno Pte Ltd
72 Bendemeer Road
Luzerne #05-28
Singapore 339941


This communication contains information which may be confidential or
privileged. The information is intended solely for the use of the
individual or entity named above. If you are not the intended recipient,be
aware that any disclosure, copying, distribution or use of the contents of
this information is prohibited.If you have received this communication in
error, please notify me by telephone immediately.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150224/29fbf9b5/attachment.html 


More information about the keycloak-user mailing list