I have deployed keycloak on my EKS cluster and able to access dashboard successfully and created a new realm already.
So I thought of testing my keycloak, and went to https://www.keycloak.org/app/ for testing.
I have created a client with the root URL "https://www.keycloak.org/app/" and created one User also.
I have tested successfully my user using account login of my realm.
then I went to https://www.keycloak.org/app/ entered my keycloak URL as https://keycloak.test.nip.io , the realm as Test(same name of my realm), and then client name as a portal(same name client created on keycloak).
When I hit Sign in, it redirects to my keycloak URL but shown We are Sorry... Page not found
Anyone knows why I am receiving this error and how can I avoid that.
Issue fixed. So there is a catch My realm name was Test. So I was entering the same and it was not working and then I tried writing in lowercase as a test. Boom It worked.
TIP: No matter what case your realm name is there, if facing this issue try in Lowercase it solved for me and hope for others also it should work.
Thanks, guys...
I too had this error. I followed instructions somewhere for configuring the keycloak client application's url, realm, and clientId properties. In the instructions it said to configure the url to http://localhost:8080/auth. I think this must have changed somewhere along the way.
Changing the url property to http://localhost:8080 fixed the error :)
Related
So I created a website which shouldn’t be publicly accessible. Therefore I added the keycloak js adapter. Everything works as expected and I am redirected when entering the website url.
But there is a problem. If I use wget on the js/images/css etc. I still can access them because no javascript code is executed and no redirect is performed. How can I make sure that only authenticated users can access these resources? The website is hosted on nginx.
Expected is:
User tries to download file
User is redirected to keycloak if not authenticated.
Solved see comment under original post.
We have recently migrated to a new hosting environment so have installed a fresh instance of Shibboleth. When we generate sp metadata files, the urls are non-secure (ie http) even though the url used to generate the metadata uses https.
When using the test connection from our own Azure AD system, we see the obvious error: "The reply URL specified in the request does not match the reply URLs configured for the application:"
I have limited knowledge of configuring the system beyond working on shibboleth2.xml and attribute-map.xml so would be very grateful if anyone can point me in the right direction to fix this.
I'm not sure if you managed to configure it but i'm currently working on this as well, and i think i can help.
So the ReplyURL you need to provide in the Azure Portal, is the reply URL that accepts the authentiaction reply message from the identity provider.
In the case of Shibboleth it is:
http[s]://yoursitename/Shibboleth.SSO/Auth/Saml
So if your webpage is for instance:
https://localhost/Foo
The replyURL should be:
https://localhost/Shibboleth.SSO/Auth/Saml
Notice that the page "Foo" is not in the replyURL.
After the authentication the browser should send the IDP reply to https://localhost/Shibboleth.SSO/Auth/Saml, after which Shibboleth should redirect you back to https://localhost/Foo
At least that's the default behaviour.
I have setup a passwordpolicy on my openLDAP that is user is not able to change password, using his/her old password. Error message is working on my openLDAP but in keycloak the error message is different. See below image:
I've searched that this message is located here: https://github.com/keycloak/keycloak/blob/master/federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java
But i don't know where to find this java file in my keycloak-3.4.3.Final folder. And how to modify it.
I can't use the not recently used password policy: https://www.keycloak.org/docs/3.2/server_admin/topics/authentication/password-policies.html too since it is working only inside the keycloak db. And im using an LDAP federation.
Please help thank you.
I'm using the extended accounts package 'accounts-facebook'. When I run my application locally, the login authentication procedure works after adding 'http://localhost:3000/_oauth/facebook?close' under Valid OAuth redirect URIs.
After deploying the application however, the login pop-up gives no error, but remains blank without completing the authentication procedure. I've tried adding 'http://www.algoloom.com/_oauth/facebook?close' and loads of possible variations to this, as some other forum discussions suggest, but the login procedure is never completed.
While I was testing my application in its deployed version, I managed to get Facebook login working by changing its ROOT_URL to 'http://www.algoloom.com:3010', in combination with 'http://www.algoloom.com:3010/_oauth/facebook?close' as a redirect URI. Now that I've set nginx to redirect to port 3010 by default, the 3010 disappears from the main website URL. As a result I've also set my ROOT_URL to 'http://www.algoloom.com'. This works fine for any other website functionality, but I can't seem to fix my my issues with Facebook login.
Any ideas on how to solve this?
I have successfully created, configured and integrated SSO with my application at (https://console.bluemix.net). My project url is http://helloworldnew.mybluemix.net. I have created user Manoj while setting up SSO.
Details are as follows:
Username: Manoj
Password: welcome2ibm11
Once user is logging in to the application, it keeps on giving an "Authorization Failed" message.
Where and how to resolve the issue?
The same thing happens with other users created while configuring SSO, like
Username: Suruchi
Password: welcome2ibm
I was able to access this project successfully using username Manoj one day ago, but now it's throwing the authorization error.
It seems the application you provided above is working when signing in with user id and password you provided.
Are you still seeing errors? If so please provide more detailed information including error you are seeing.
Thanks,
Alex.