[keycloak-user] facing issue while having the single sign on flow
vandana thota
vandana0242 at gmail.com
Mon Jul 23 10:47:41 EDT 2018
Hello Dimtry ,
Have you checked the doc which 24 pages and I have attached to my previous
email ?
Keycloa-user lists can not able to post as its large .
Is your email id can able to get that big file ?
Thanks.
On Sun, Jul 22, 2018 at 10:50 PM vandana thota <vandana0242 at gmail.com>
wrote:
>
>
> as for you, from which transaction depicted in the diagram did the
> error arise?
> PFA ( 23rd and 24th page )
> - there should have been a stack trace after "invalidRequestMessage",
> could you please share it?
>
> We could see keycloak logs as below
> 14:10:39,362 WARN [org.hibernate.dialect.H2Dialect] (ServerService Thread
> Pool -- 47) HHH000431: Unable to determine H2 database version, certain
> features m work
>
> 14:11:30,567 WARN [org.keycloak.events] (default task-1)
> type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=master, clientId=null,
> userId=null, ipAddress=10.9.7.2,=invalidRequestMessage
>
> 14:11:30,568 ERROR [org.keycloak.services.resources.IdentityBrokerService]
> (default task-1) invalidRequestMessage
>
> 14:11:51,668 WARN [org.keycloak.events] (default task-2)
> type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=master, clientId=null,
> userId=null, ipAddress=10.9.7.2,=invalidRequestMessage
>
> 14:11:51,669 ERROR [org.keycloak.services.resources.IdentityBrokerService]
> (default task-2) invalidRequestMessage
>
>
> - what was the SAML payload of the request that lead to an error? You
> can obtain it from F12 -> Network in your browser (but don't forget to
> scrub any sensitive data)
>
> I did not understand what is SAML payload .we are using SAML 2.0 standrd.
>
> What is F12 .
>
> So far we did not configure any load balancer yet
>
>
>
>
>
>
> On Sun, Jul 22, 2018 at 11:10 PM Dmitry Telegin <dt at acutus.pro> wrote:
>
>> Hi Vandana,
>>
>> Excellent diagram! However I'm afraid we'll need some additional info:
>> - as for you, from which transaction depicted in the diagram did the
>> error arise?
>> - there should have been a stack trace after "invalidRequestMessage",
>> could you please share it?
>> - what was the SAML payload of the request that lead to an error? You
>> can obtain it from F12 -> Network in your browser (but don't forget to
>> scrub any sensitive data)
>>
>> Cheers,
>> Dmitry Telegin
>> CTO, Acutus s.r.o.
>> Keycloak Consulting and Training
>>
>> Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
>> +42 (022) 888-30-71
>> E-mail: info at acutus.pro
>>
>> On Fri, 2018-07-20 at 15:44 -0500, vandana thota wrote:
>> > ERROR [org.keycloak.services.resources.IdentityBrokerService]
>> > (default
>> > task-25) invalidRequestMessage
>> >
>> > We are configuring the Single sign on for the application deployed on
>> > the
>> > Wildfly instance by having keycloak , external IDP , SAML 2.0
>> > standards
>> > .Below is the flow .
>> >
>> > There was an error at the flow while we are trying this flow . PFA It
>> > has
>> > pictorial representation of the flow .
>> > Wildfly app or servlet container -> (SP) SAML request to IdP ->
>> > Keycloak ->
>> > (identify Okta IdP... may or may not need a username) -> (SP SAML
>> > Request
>> > to Okta) -> Okta IdP (May or may not need user to login depends on if
>> > they
>> > have an active okta session or not) -> IdP SAML Response -> Keycloak
>> > -> IdP
>> > SAML Response Wildfly app / servlet container
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
More information about the keycloak-user
mailing list