[keycloak-user] Token is not active, message shown after login

LEONARDO NUNES leo.nunes at gjccorp.com.br
Tue Mar 29 08:22:11 EDT 2016

Hi Guus, you are right! I had an incorrect timezone setting.
I fixed the timezone, now it works!

Thank's a lot.


From: Guus der Kinderen <guus.der.kinderen at gmail.com<mailto:guus.der.kinderen at gmail.com>>
Date: terça-feira, 29 de março de 2016 09:02
To: Leonardo Nunes <leo.nunes at gjccorp.com.br<mailto:leo.nunes at gjccorp.com.br>>
Cc: "keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>" <keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>>
Subject: Re: [keycloak-user] Token is not active, message shown after login

Hi Leonardo,

Note that I'm a beginner, Keycloak-wise. However, as no-one else has responded, let me try.

Tokens are valid in a limited time-span. The message "token is not active" indicates that your token has expired, or is not yet valid. We had another user earlier that had a somewhat similar problem. The cause of that problem was an incorrect timezone setting on one of his servers. Perhaps that's something that you could check?

 - Guus

On 28 March 2016 at 19:36, LEONARDO NUNES <leo.nunes at gjccorp.com.br<mailto:leo.nunes at gjccorp.com.br>> wrote:
I have Keycloak 1.9.1 installed on a testing server and on our production server. Both server have the same operating system, java version and most of the configurations. Keycloak at both server also have the same configurations.
There's an application running on a Tomcat at my local machine that connects to the keycloak server.

When I connect my local application to the keycloak at the testing server everything works fine.
When I connect to the keycloak at the production server we are having the following problem:

- I open my local application and navigate to a restricted URL
- Keycloak login screen opens
- I enter the username and password and click Log in

The following error is returned to the browser:
HTTP Status 403 -
type Status report
description Access to the specified resource has been forbidden.
Apache Tomcat/7.0.67

The following error shows at my Tomcat log:
mar 28, 2016 11:26:15 AM org.keycloak.adapters.OAuthRequestAuthenticator resolveCode
ERROR: failed verification of token: Token is not active.

If I navigate to Sessions at the Keycloak admin console, there's an active session.
If I click Logout all the following error is shown:
Error! Failed to logout users under: Verify availability of failed hosts and try again

Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você não for o destinatário ou a pessoa autorizada a receber esta mensagem, não poderá usar, copiar ou divulgar as informações nela contidas ou tomar qualquer ação baseada nessas informações. Se você recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperação.

This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation

keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160329/175cedab/attachment.html 

More information about the keycloak-user mailing list