[keycloak-user] Login without Keycloak Login Page
Stian Thorgersen
sthorger at redhat.com
Mon Dec 19 07:02:24 EST 2016
Create an issue, includes steps on how to reproduce (text rather than
image) and include a basic WAR that can be deployed to Tomcat to reproduce
the issue. That's it and we can look at it.
On 19 December 2016 at 12:32, ruiwp13 <ruiwp_93 at hotmail.com> wrote:
> stianst wrote
> > Nopes, that doesn't help. If you continue to have issues with
> > HttpServletRequest#logout I suggest you try one of our examples/demo and
> > see if they work fine for you. Or otherwise create a bug report and
> > include
> > steps on how to reproduce the issue. Without steps on how to reproduce
> the
> > issue we are unable to help.
> >
> > On 19 December 2016 at 11:02, ruiwp13 <
>
> > ruiwp_93@
>
> > > wrote:
> >
> >> stianst wrote
> >> > I'm kinda lost at what you are doing. Could you either try one of our
> >> > examples or provides us with a simple reproducible example?
> >> >
> >> > On 19 December 2016 at 10:15, ruiwp13 <
> >>
> >> > ruiwp_93@
> >>
> >> > > wrote:
> >> >
> >> >> stianst wrote
> >> >> > On 19 December 2016 at 10:00, ruiwp13 <
> >> >>
> >> >> > ruiwp_93@
> >> >>
> >> >> > > wrote:
> >> >> >
> >> >> >> stianst wrote
> >> >> >> > On 16 December 2016 at 15:39, ruiwp13 <
> >> >> >>
> >> >> >> > ruiwp_93@
> >> >> >>
> >> >> >> > > wrote:
> >> >> >> >
> >> >> >> >> Just to see if all the steps I performed are OK:
> >> >> >> >>
> >> >> >> >> 1. I access a secured location from my API
> >> >> >> >> 2. I get redirected to keycloak login page
> >> >> >> >> 3. After logging in I get redirected to my API which returns
> >> true
> >> >> for
> >> >> >> >> HttpServletRequest.authenticate meaning I'm authenticated and
> I
> >> can
> >> >> >> get
> >> >> >> >> the
> >> >> >> >> access_token from the keycloak security context
> >> >> >> >> 4. I set header with Authorization "Bearer " + {access_token}
> >> >> >> >> 5. I access the logout method where HttpServletRequest.logout
> is
> >> >> >> >> performed.
> >> >> >> >>
> >> >> >> >> Is this the correct flow?
> >> >> >> >> Yes, it's strange that I get invalid_token, doesn't make sense
> >> >> >> specially
> >> >> >> >> because if I make HttpServletRequest.authenticate in the
> logout
> >> >> method
> >> >> >> it
> >> >> >> >> says that I am authenticated
> >> >> >> >>
> >> >> >> >
> >> >> >> > Why would you call HttpServletRequest.authenticate within the
> >> >> logout?
> >> >> >> That
> >> >> >> > makes no sense.
> >> >> >> >
> >> >> >> >
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> --
> >> >> >> >> View this message in context: http://keycloak-user.88327.x6.
> >> >> >> >> nabble.com/Login-without-Keycloak-Login-Page-tp1974p2017.html
> >> >> >> >> Sent from the keycloak-user mailing list archive at Nabble.com.
> >> >> >> >> _______________________________________________
> >> >> >> >> keycloak-user mailing list
> >> >> >> >>
> >> >> >>
> >> >> >> > keycloak-user at .jboss
> >> >> >>
> >> >> >> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >> >> >> >>
> >> >> >> > _______________________________________________
> >> >> >> > keycloak-user mailing list
> >> >> >>
> >> >> >> > keycloak-user at .jboss
> >> >> >>
> >> >> >> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >> >> >>
> >> >> >>
> >> >> >> Just to check if it is authenticated.
> >> >> >> When I make HttpServletRequest.authenticate if redirects me to
> >> >> keycloak
> >> >> >> login page, I login and it redirects me back to my API but without
> >> any
> >> >> >> URL
> >> >> >> parameters. It is supposed to, right? Then I can get the token
> from
> >> >> >> keycloaksecuritycontext.getTokenString(), right?
> >> >> >>
> >> >> >
> >> >> > Yes, but to check if authenticated use getUserPrincipal.
> >> authenticate
> >> >> is
> >> >> > used to request authentication, so is not a way to check if it's
> >> >> > authenticated
> >> >> >
> >> >> >
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> --
> >> >> >> View this message in context: http://keycloak-user.88327.x6.
> >> >> >> nabble.com/Login-without-Keycloak-Login-Page-tp1974p2031.html
> >> >> >> Sent from the keycloak-user mailing list archive at Nabble.com.
> >> >> >> _______________________________________________
> >> >> >> keycloak-user mailing list
> >> >> >>
> >> >>
> >> >> > keycloak-user at .jboss
> >> >>
> >> >> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >> >> >>
> >> >> > _______________________________________________
> >> >> > keycloak-user mailing list
> >> >>
> >> >> > keycloak-user at .jboss
> >> >>
> >> >> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >> >>
> >> >> Alright, thank you.
> >> >> But I am still getting the same problem. When I make request.logout()
> >> it
> >> >> says invalid_token.
> >> >> And if I make kc.realm(realmName).users().get(user_id).logout() it
> >> logs
> >> >> all
> >> >> the sessions in keycloak but no callback arrives to the server.
> >> >>
> >> >>
> >> >>
> >> >> --
> >> >> View this message in context: http://keycloak-user.88327.x6.
> >> >> nabble.com/Login-without-Keycloak-Login-Page-tp1974p2033.html
> >> >> Sent from the keycloak-user mailing list archive at Nabble.com.
> >> >> _______________________________________________
> >> >> keycloak-user mailing list
> >> >>
> >>
> >> > keycloak-user at .jboss
> >>
> >> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >> >>
> >> > _______________________________________________
> >> > keycloak-user mailing list
> >>
> >> > keycloak-user at .jboss
> >>
> >> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>
> >> I cannot provide you with an example for you to try. I am posting an
> >> image
> >> with all the information. Hope this helps to clarify my steps and what I
> >> am
> >> getting as error.
> >>
> >> <http://keycloak-user.88327.x6.nabble.com/file/n2036/request.png>
> >>
> >>
> >>
> >> --
> >> View this message in context: http://keycloak-user.88327.x6.
> >> nabble.com/Login-without-Keycloak-Login-Page-tp1974p2036.html
> >> Sent from the keycloak-user mailing list archive at Nabble.com.
> >> _______________________________________________
> >> keycloak-user mailing list
> >>
>
> > keycloak-user at .jboss
>
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>
> > _______________________________________________
> > keycloak-user mailing list
>
> > keycloak-user at .jboss
>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
> Thank you for the answers stianst,
>
> I will try with one of the examples, but I don't think it will make a
> difference on finding out what is wrong here.
> The steps to reproduce the problem are in the image. Don't really know how
> to make them more explicit. I think all the information is there.
>
>
>
> --
> View this message in context: http://keycloak-user.88327.x6.
> nabble.com/Login-without-Keycloak-Login-Page-tp1974p2038.html
> Sent from the keycloak-user mailing list archive at Nabble.com.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list