[keycloak-user] Failed to verify token: org.keycloak.common.VerificationException: Invalid token issuer after upgrade
Darrell Wu
darrell at 1placeonline.com
Wed Sep 27 00:25:56 EDT 2017
Hi,
I've upgraded from keycloak 1.9.8 to keycloak 3.2.1 and now i'm getting the
following error when i access my protected application.
Failed to verify token: org.keycloak.common.VerificationException: Invalid
token issuer. Expected 'http://localhost:8180/realms/1Place', but was '
https://192.168.10.19:8543/realms/1Place'
I've configured keycloak to use a self signed certificate against by PC ip
address. The admin console is using the address.
https://192.168.10.19:8543/
I'm not sure where it is picking up http://localhost:8180/realms/1Place
since you can't access the admin console against that address and i
couldn't find anywhere in the console where
http://localhost:8180/realms/1Place is used.
Does anyone have any ideas?
Thanks in Advance
Darrell
Here is the stack trace
Failed to verify token: org.keycloak.common.VerificationException: Invalid
token issuer. Expected 'http://localhost:8180/realms
/1Place', but was 'https://192.168.10.19:8543/realms/1Place'
at org.keycloak.TokenVerifier$RealmUrlCheck.test(TokenVerifier.java:109)
at org.keycloak.TokenVerifier.verify(TokenVerifier.java:371)
at org.keycloak.RSATokenVerifier.verify(RSATokenVerifier.java:89)
at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.verifyToken(AdapterRSATokenVerifier.java:56)
at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.verifyToken(AdapterRSATokenVerifier.java:37)
at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:87)
at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:82)
at
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:68)
at
org.keycloak.adapters.undertow.AbstractUndertowKeycloakAuthMech.keycloakAuthenticate(AbstractUndertowKeycloakAuthMech.java:110)
at
org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:92)
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250)
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219)
at
io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121)
--
Darrell Wu
1Place International Limited
P.O. Box 125152, St Heliers, Auckland 1740, New Zealand
Level 5, 1 Queen Street, Auckland 1010, New Zealand
Phone: +64 9 5200612 ext 521 | Mob: +64 21 262 4898 | Fax: +64 9 5246203
Email: darrell at 1placeonline.com | Web: www.1placeonline.com
More information about the keycloak-user
mailing list