First I have activated the the user registration on the keycloak admin panel
I try to create a new account with an unique email and username
This shows up after I click register:
In console it is this printed:
2023-01-06 00:39:50 2023-01-05 23:39:50,440 WARN [org.keycloak.events] (executor-thread-34) type=REGISTER_ERROR, realmId=keycloak-react-auth, clientId=account-console, userId=null, ipAddress=172.17.0.1, error=invalid_user_credentials, auth_method=openid-connect, auth_type=code, redirect_uri=http://localhost:8080/realms/keycloak-react-auth/account/#/,, code_id=c8dccb6d-1ca4-4f25-b160-9b72d48bffd1, authSessionParentId=c8dccb6d-1ca4-4f25-b160-9b72d48bffd1, authSessionTabId=gY0TRMYd8aw
Related
I am running keycloak 19.0.2 in dev mode. When trying to login to microsoft from keycloak (SSO) using the oauth2 flow, I get 502 error in the browser on the callback to keycloak. The code param has a strange value also.
I believe it has something to do with user permissions, but I can clearly see I have defined them.
The callback to the keycloak server throws a 502 error and has strange values in the code params.
The keycloak server errors with the following logs:
2022-10-17 13:08:46,517 ERROR
[org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (executor-thread-42)
Failed to make identity provider oauth callback:
org.keycloak.broker.provider.IdentityBrokerException: Could not obtain user profile
from Microsoft Graph
2022-10-17 13:08:46,542 WARN [org.keycloak.events] (executor-thread-42)
type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=8ca06b23-d544-4464-a3bf-448be5308802,
clientId=recruit-api, userId=null, ipAddress=127.0.0.1,
error=identity_provider_login_failure, code_id=62aaf7bf-9c08-4c88-a7c3-e6f7af282de1,
authSessionParentId=62aaf7bf-9c08-4c88-a7c3-e6f7af282de1,
authSessionTabId=WjArYJ99WyM
I am new to keycloak setup hence need your help. Please let me know if you need more information.
My web app returns invalid login when valid credentials are entered. Further look into my keycloak pod logs, i can the below error...
The keycloak version: 10.0.2
[org.keycloak.events] (default task-211) type=LOGOUT_ERROR, realmId=qa-vanguard, clientId=qa-client, userId=null, ipAddress=x.x.x.x, error=invalid_token, client_auth_method=client-secret
Any pointers on how to further debug the problem.
-Raman
I had configured the keycloak under the user federation settings as kerberos.
I had also entered the realm ,service principal and the keytab file directory as stated .
But I get the issue as : Kerberos is not set up . You cannot login
In firefox I has enabled SPNEGO as per the below docs :
http://www.microhowto.info/howto/configure_firefox_to_authenticate_using_spnego_and_kerberos.html
I am attaching from the log snippet :
2021-06-30 11:43:31,234 DEBUG [org.keycloak.authentication.AuthenticationSelectionResolver] (default task-1) Selections when trying execution 'auth-spnego' : [ authSelection - auth-spnego]
2021-06-30 11:43:31,234 DEBUG [org.keycloak.authentication.DefaultAuthenticationFlow] (default task-1) invoke authenticator.authenticate: auth-spnego
2021-06-30 11:43:31,235 TRACE [org.keycloak.authentication.authenticators.browser.SpnegoAuthenticator] (default task-1) Sending back WWW-Authenticate: Negotiate
Reference to the same issue :
https://marc.info/?l=keycloak-user&m=154803677131797&w=2
Do consider to help us with the concrete solution .
Thanks in advance !
I am trying to test "forgot password" link in Keycloak. I get the email but when I click on the link in the email, I see error on UI as Invalid Request
In the server log, I see this
13:51:03,602 WARN [org.keycloak.events] (default task-36)
type=EXECUTE_ACTION_TOKEN_ERROR, realmId=fidesque, clientId=null,
userId=null, ipAddress=127.0.0.1, error=invalid_code, reason='Failed
to parse JWT'
Any clue what I may be missing ?
regards,
Venky
The error is gone after updating to latest version of Keycloak i.e 4.7.0
I made a change to the Apache Sling Authentication Service Anonymous account user password and enabled anonymous access. I also went into the anonymous user and changed the account password to match.
Unfortunately after this change, access to the login page was locked out with a continuous push to http://localhost:8080/um/login and a 403 error with a "This website requires you to log in." for any URL related to AEM. The JEE links (LiveCycle) still work. i.e.: /adminui.
Is there a way to "factory reset" both the values of the Apache Sling Authentication Service?
17:07:24,613 ERROR
[com.adobe.idp.um.provider.authentication.LDAPAuthProviderImpl]
(Thread-272) UserM:GENERIC_SEVERE: [Thread Hashcode: 1678680974] User
Name or Password is null 17:07:24,644 WARN
[com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean]
(Thread-272) Authentication failed for user [anonymous] (Scheme -
Username/Password) Reason: Username or password is incorrect . Refer
to debug level logs for category
com.adobe.idp.um.businesslogic.authentication for further details
17:07:24,800 ERROR
[com.adobe.idp.um.provider.authentication.LDAPAuthProviderImpl]
(Thread-272) UserM:GENERIC_SEVERE: [Thread Hashcode: 1678680974] User
Name or Password is null 17:07:24,816 WARN
[com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean]
(Thread-272) Authentication failed for user [anonymous] (Scheme -
Username/Password) Reason: Username or password is incorrect . Refer
to debug level logs for category
com.adobe.idp.um.businesslogic.authentication for further details
17:07:24,879 ERROR
[com.adobe.idp.um.provider.authentication.LDAPAuthProviderImpl]
(Thread-272) UserM:GENERIC_SEVERE: [Thread Hashcode: 1678680974] User
Name or Password is null 17:07:24,894 WARN
[com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean]
(Thread-272) Authentication failed for user [anonymous] (Scheme -
Username/Password) Reason: Username or password is incorrect . Refer
to debug level logs for category
com.adobe.idp.um.businesslogic.authentication for further details
17:07:25,050 ERROR
[com.adobe.idp.um.provider.authentication.LDAPAuthProviderImpl]
(Thread-272) UserM:GENERIC_SEVERE: [Thread Hashcode: 1678680974] User
Name or Password is null 17:07:25,066 WARN
[com.adobe.idp.um.businesslogic.authentication.AuthenticationManagerBean]
(Thread-272) Authentication failed for user [anonymous] (Scheme -
Username/Password) Reason: Username or password is incorrect . Refer
to debug level logs for category
com.adobe.idp.um.businesslogic.authentication for further details
17:07:25,144 ERROR
[com.adobe.idp.um.provider.authentication.LDAPAuthProviderImpl]
(Thread-272) UserM:GENERIC_SEVERE: [Thread Hashcode: 1678680974] User
Name or Password is null
In order for these changes to take effect the AEM instance needs to be restarted.