The latest 7.42.0.Final kie-server or kie-server-showcase container is working and deployed but context path /kie-server is forbidden. But, the rest service is working fine. Any reason?
I followed the document mentioned in this repo
https://hub.docker.com/r/jboss/kie-server-showcase/
You can look into web.xml here: https://github.com/kiegroup/droolsjbpm-integration/blob/master/kie-server-parent/kie-server-wars/kie-server/src/main/webc-resources/WEB-INF/web.xml
Except some urls, all of them need kie-server and user roles for authorization.
Best regards,
Related
Hi I am working on the mendix rest webservices and through swagger , i can test the local host data all right.
But when i promote objects to acceptance, i need to update the webservice seurity to 'Requires authentication'. This would need username and password.
when the webservices are in the UAT, it fails to autheticate the request as below shown. Can you please help if you have a solution in this situation?
thanks
This could be due to the Path based access restrictions in your cloud environment. Allow all access to the appropriate paths as below to verify your endpoints.
Restart your application after applying the changes.
I have deployed keycloak on my EKS cluster and able to access dashboard successfully and created a new realm already.
So I thought of testing my keycloak, and went to https://www.keycloak.org/app/ for testing.
I have created a client with the root URL "https://www.keycloak.org/app/" and created one User also.
I have tested successfully my user using account login of my realm.
then I went to https://www.keycloak.org/app/ entered my keycloak URL as https://keycloak.test.nip.io , the realm as Test(same name of my realm), and then client name as a portal(same name client created on keycloak).
When I hit Sign in, it redirects to my keycloak URL but shown We are Sorry... Page not found
Anyone knows why I am receiving this error and how can I avoid that.
Issue fixed. So there is a catch My realm name was Test. So I was entering the same and it was not working and then I tried writing in lowercase as a test. Boom It worked.
TIP: No matter what case your realm name is there, if facing this issue try in Lowercase it solved for me and hope for others also it should work.
Thanks, guys...
I too had this error. I followed instructions somewhere for configuring the keycloak client application's url, realm, and clientId properties. In the instructions it said to configure the url to http://localhost:8080/auth. I think this must have changed somewhere along the way.
Changing the url property to http://localhost:8080 fixed the error :)
I created a Rest-API and a frontend as a self contained system with Quarkus.
The frontend is served statically.
For Authentication i use a kleycloak server and have nearly the same configuration as in this guide from quarkus.
quarkus.oidc.auth-server-url=http://localhost:8180/auth/realms/quarkus
quarkus.oidc.client-id=frontend
quarkus.oidc.application-type=web-app
quarkus.http.auth.permission.authenticated.paths=/*
quarkus.http.auth.permission.authenticated.policy=authenticated
With this config i need to authenticate for the rest-api and the frontend. Thats what i want.
If i try to load the index.html i got redirected to keycloak and back. That works perfectly.
The problem is, that the same thing happens with the rest-api. I got redirected to keycloak with a "302 found"-status code. Here I would like to have an authentication with a bearer token and no redirect. Quarkus has the following configuration for this:
quarkus.oidc.application-type=service
That collides with the configuration for the frontend. Is there a way to use both, one for static files and one for the rest-api?
If I'm not wrong you're looking for a multi-tenant oidc setup(even though you're not designing tenants). The guide and example can be found on the official quarkus website here.
This way you'll have similar setup:
quarkus.oidc.auth-server-url=http://localhost:8180/auth/realms/quarkus
quarkus.oidc.client-id=frontend
quarkus.oidc.application-type=web-app
quarkus.http.auth.permission.authenticated.paths=/*
quarkus.http.auth.permission.authenticated.policy=authenticated
quarkus.oidc.restapi.auth-server-url=http://localhost:8180/auth/your/path
quarkus.oidc.restapi.client-id=backend
quarkus.oidc.restapi.application-type=service
P.S you can replace restapi with more likable name.
i try to add security to my Api defined in Gravitee.io with a keycloaK apikey .
I've tried to add resource in my api conf but i not found resource "Keycloak provider" to paste my keycloak json file. like in the last screenshot of this readme :
https://github.com/gravitee-io/breizhcamp-2018-tia
I use Gravitee.io 1.24 (last docker image) and keycloak 5.0.0
please help me ;-)
You need to download the keycloak resource plugin and drag & drop the zip file into the both directories 'plugin' of your instances (gateway and management) :) You can found it at this link : https://download.gravitee.io/graviteeio-apim/plugins/resources/gravitee-resource-oauth2-provider-keycloak/
Have a good day :)
I want to integrate keycloak security features to my spring boot based rest apis.
I am using KeyCloak 1.3.1 Final.
Now this is pure rest based api and am doing my testing through postman
I have got my rest api secured and when i try to access it do asks me for authorization, but am not able to execute my request. basically am locked out of my api.
I will quickly list out things that I have already done
Created a spring boot rest api and tested it. It works fine.
Modified my gradle for KeyCloak and configured it as per this document
Configured my keyCloak for the "bearer only" application
I tried to generate access token, but I was not able to. Therefore I created another Client in keycloak with "confidential" and used this client to generate the access token (both the clients were pointing to same application. Am not sure if this is correct)
With this access token, I am trying to make api call but am getting 401
Again am using this document.
I am new to both keycloak and spring.
So what I want to ask here is how can we generate the access token for testing a rest api in a scenario like one which is here.
Any useful resource on KeyCloak that can help me out here. As of now I dont have a clue as to where the problem is? Is it with my api or with how I have configured the KeyCloak.
Also since I am new to spring and I just could not found a decent document on how to configure cloak for spring boot. If you can help with that as well.
Moving further on this I was informed on the KeyCloak mailing list that spring boot adapter only supports basic authentication, and so I decided to incorporate the spring security adapter itself.
I did that and when am running the application and providing creds am still not able to make it work. However something interesting is happening. I am being redirected to http://127.0.0.1:8090/sso/login
I double checked it and that is not the redirect url i have provided.
???
Any idea why?
(Once again am new to it and learning about spring and security on way through this project. So please bear with me.)
So after spending quite a good amount of time and getting some help from keycloak user list here is how i got it to work.
Use Spring Security instead of spring boost security adapter (as I have already mentioned in the the edit, boot adapter is only for basic authentication)
There documentation does a decent job of explaining out everything else refer to that.
I am still testing the whole thing and will document it out for future references.