[keycloak-user] 4.6.0 Class cast exception
Dmitry Telegin
dt at acutus.pro
Sun Dec 16 22:20:24 EST 2018
Hello Keshav,
This can happen if you include Keycloak adapter modules (e.g. keycloak-core, keycloak-adapter-core) into your WEB-INF/lib. If your webapp depends on that modules, they should have "provided" scope in your pom.xml.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro
On Wed, 2018-12-12 at 20:16 +0000, Keshav Sharma wrote:
> Hi All,
>
> I am getting below exception.
> Can anyone help me out in fixing below issue .Very Urgent.
> Issue :
> private KeycloakSecurityContext getSession(HttpServletRequest req) {
> return (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
> }
>
> I am getting class cast exception RefreshKeycloakSecurityContext can not be cast to KeycloakSecurityContext.
>
> Thanks in Advance😊
>
>
>
>
> Regards,
> ______________________________________________________
>
> Keshav Sharma
> ______________________________________________________
>
>
> -----Original Message-----
> > From: keycloak-user-bounces at lists.jboss.org <keycloak-user-bounces at lists.jboss.org> On Behalf Of Jernej Porenta
> Sent: Thursday, December 13, 2018 1:16 AM
> > To: keycloak-user <keycloak-user at lists.jboss.org>
> Subject: Re: [keycloak-user] 4.6.0 Upgrade disables client scopes
>
> Anyone with the solution to it?
>
> br, Jernej
>
> > > > On 21 Nov 2018, at 18:07, Lamina, Marco <marco.lamina at sap.com> wrote:
> >
> > To answer your questions:
> > - I upgraded from 4.5.0 to 4.6.0
> > - Clicking on "Client Scopes" and "Evaluate", all scopes are shown as expected
> > - Even when I create a new client and add the scope, it is not added to the token
> >
> > Thanks,
> > Marco
> >
> >
> > > > On 11/21/18, 5:19 AM, "Marek Posolda" <mposolda at redhat.com> wrote:
> >
> > No, it doesn't need to be updated in any profile like Token Exchange.
> >
> > Question is, from which version you upgraded? Note that during upgrade
> > to 4.0.0, the realm default client scopes are not automatically linked
> > to the clients. Thing is, that clients from previous version already has
> > some protocolMappers defined on them, so the clientScopes are not added
> > to it. You may need to do change your clients manually and remove
> > protocolMappers from them and link them to default client scopes.
> >
> > Just the new clients, which you will create now through admin UI, will
> > have the client scopes added to them. See details in the docs:
> > https://www.keycloak.org/docs/latest/upgrading/index.html#client-templates-changed-to-client-scopes
> >
> > BTV. When you're on client, you can click to "Client Scopes" and then
> > "Evaluate" to see what are applied client scopes and check what
> > clientScopes will be applied based on the value of "scope" parameter.
> >
> > Marek
> >
> > On 21/11/2018 01:55, Lamina, Marco wrote:
> > > Hi,
> > > I upgraded to 4.6.0 using the Kubernetes Helm chart. After the upgrade, token exchange stopped working, which I was able to fix thanks to [1]. Unfortunately, none of my client scopes are working anymore. Trying to get a token using client credentials succeeds, but anything I pass into the “scope” parameter is ignored and none of my default client scopes are applied. The “scope” claim in the token endpoint response is always empty.
> > > Is that a feature that needs to be enabled similar to the token exchange?
> > >
> > > [1] https://stackoverflow.com/questions/53367566/unable-to-setup-idp-token-exchange-in-keycloak-4-6-0-final
> > >
> > > Thanks,
> > > Marco
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> ________________________________
>
> This e-mail and/or its attachments are intended only for the use of the addressee(s) and may contain confidential and legally privileged information belonging to SHL and/or its affiliates. If you have received this e-mail in error, please notify the sender and immediately destroy all copies of this email and its attachments. The publication, copying, in whole or in part, or use or dissemination in any other way of this e-mail and attachments by anyone other than the intended person(s), is prohibited. If you would like to know how SHL collects, processes, uses, and stores personal data please go to www.shl.com/privacy to learn more.
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list