
keycloak-quickstarts's Introduction

Keycloak


Open Source Identity and Access Management

Add authentication to applications and secure services with minimum effort. No need to deal with storing users or authenticating users.

Keycloak provides user federation, strong authentication, user management, fine-grained authorization, and more.

Help and Documentation

Reporting Security Vulnerabilities

If you have found a security vulnerability, please look at the instructions on how to properly report it.

Reporting an issue

If you believe you have discovered a defect in Keycloak, please open an issue. Please remember to provide a good summary, description as well as steps to reproduce the issue.

Getting started

To run Keycloak, download the distribution from our website. Unzip and run:

bin/kc.[sh|bat] start-dev

Alternatively, you can use the Docker image by running:

docker run quay.io/keycloak/keycloak start-dev

For more details refer to the Keycloak Documentation.

Building from Source

To build from source, refer to the building and working with the code base guide.

Testing

To run tests, refer to the running tests guide.

Writing Tests

To write tests, refer to the writing tests guide.

Contributing

Before contributing to Keycloak, please read our contributing guidelines. Participation in the Keycloak project is governed by the CNCF Code of Conduct.

Other Keycloak Projects

License


keycloak-quickstarts's Issues

app-authz-photoz Example violates the following Content Security Policy directive: "frame-ancestors 'self'

Describe the bug

photoz-html5-client and photoz-restful-api have both been deployed successfully but when testing the client http://localhost:8080/photoz-html5-client/ , I run into the following error in browser console:

Refused to frame 'http://localhost:8180/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Any idea what could cause this issue?

Version

16.1.0

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response
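Why the browser refuses the frame in the report above, shown as an added example that is not part of the original issue or of the Keycloak code base: `'self'` in `frame-ancestors` compares scheme, host and port, so a page on `localhost:8080` is not "self" for a response from `localhost:8180`. The header strings are constructed samples built around the directive quoted in the error, and the matcher is a simplified subset of CSP source matching (http/https only, `'self'` treated as an exact origin match).

```javascript
// Added example: simplified frame-ancestors evaluation (subset of CSP Level 3).
// Assumptions: http/https only, no IP-literal or IDN handling.

const DEFAULT_PORT = { 'http:': '80', 'https:': '443' };

// Reduce a URL to the (scheme, host, port) tuple that frame-ancestors compares.
function originOf(url) {
  const u = new URL(url);
  return {
    scheme: u.protocol,
    host: u.hostname.toLowerCase(),
    port: u.port || DEFAULT_PORT[u.protocol] || '',
  };
}

// Return the source list of the first frame-ancestors directive, or null if absent.
function frameAncestorsSources(cspHeader) {
  for (const directive of cspHeader.split(';')) {
    const tokens = directive.trim().split(/\s+/).filter(Boolean);
    if (tokens.length > 0 && tokens[0].toLowerCase() === 'frame-ancestors') {
      return tokens.slice(1);
    }
  }
  return null;
}

// A source scheme matches itself; "http:" also matches an "https:" ancestor.
function schemeMatches(wanted, actual) {
  return wanted === actual || (wanted === 'http:' && actual === 'https:');
}

// [scheme://]host[:port][/path], host may be "*" or start with "*."; the path is ignored.
const HOST_SOURCE =
  /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*|(?:\*\.)?[a-z0-9-]+(?:\.[a-z0-9-]+)*)(?::(\d+|\*))?(?:\/.*)?$/;

// Does one source expression allow this ancestor origin to frame the resource?
function sourceMatches(source, ancestor, self) {
  const s = source.toLowerCase();
  if (s === "'none'") return false;
  if (s === "'self'") {
    return ancestor.scheme === self.scheme &&
      ancestor.host === self.host &&
      ancestor.port === self.port;
  }
  if (s === '*') return ancestor.scheme in DEFAULT_PORT;
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return schemeMatches(s, ancestor.scheme);

  const m = HOST_SOURCE.exec(s);
  if (!m) return false; // unknown keyword or malformed source: matches nothing
  const [, scheme, host, port] = m;
  // Without an explicit scheme, the resource's own scheme is the reference.
  if (!schemeMatches(scheme ? scheme + ':' : self.scheme, ancestor.scheme)) return false;
  const hostOk = host === '*' ||
    (host.startsWith('*.') ? ancestor.host.endsWith(host.slice(1)) : ancestor.host === host);
  // Without an explicit port, only the scheme's default port matches.
  const portOk = port === '*' ||
    (port ? ancestor.port === port : ancestor.port === DEFAULT_PORT[ancestor.scheme]);
  return hostOk && portOk;
}

// Every ancestor in the frame chain must match at least one source.
function framingAllowed(cspHeader, resourceUrl, ancestorUrls) {
  const sources = frameAncestorsSources(cspHeader);
  if (sources === null) return true; // no frame-ancestors directive, no CSP restriction
  const self = originOf(resourceUrl);
  return ancestorUrls.every((url) => {
    const ancestor = originOf(url);
    return sources.some((src) => sourceMatches(src, ancestor, self));
  });
}

// URLs taken from the report; header values are constructed samples.
const KEYCLOAK_URL = 'http://localhost:8180/';
const CLIENT_URL = 'http://localhost:8080/photoz-html5-client/';
const HEADER_SELF_ONLY = "frame-src 'self'; frame-ancestors 'self'; object-src 'none';";
const HEADER_WITH_CLIENT =
  "frame-src 'self'; frame-ancestors 'self' http://localhost:8080; object-src 'none';";

console.log('self only   :', framingAllowed(HEADER_SELF_ONLY, KEYCLOAK_URL, [CLIENT_URL]));
console.log('client added:', framingAllowed(HEADER_WITH_CLIENT, KEYCLOAK_URL, [CLIENT_URL]));
```

Listing the one embedding origin explicitly keeps the policy as narrow as the deployment needs; every other origin is still refused.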

Allow Node.js developers to run quickstarts without installing Java

Description

The current quickstarts include coverage for Node.js use cases but not all.

For example there is no equivalent to app-jee-html5

Discussion

No response

Motivation

Node.js developers may not be willing/interested in installing Java on their system or having to understand how to configure/run a Java application to learn how to use keycloak when using Node.js.

With a few small additions we can allow them to go through the quickstarts using only Node.js

Details

First quickstart to add would be app-nodejs-html5 which can re-use the same static assets but host them with express instead.

Issue signing in with quickstart app-profile-jee-vanilla when deployed.

Describe the bug

Using the components listed below as expected in
https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-profile-jee-vanilla
https://github.com/keycloak/keycloak-quickstarts/blob/latest/docs/getting-started.md

  • Wildfly 22 (Wildfly 23 doesn't work properly with the adapter) being used and adapter installed successfully.
  • I've tried this with Keycloak running on Podman (on port 8180) and I've also tried this with Keycloak running from build locally on port 8180. Results are the same both times.
  • User profile created, user created and role mapping set on Keycloak.
  • Application built successfully with Maven and login page can be found at http://localhost:8080/vanilla/

The issue arises when trying to log in.

The application won't let me sign in with the user details or admin details.

Version

I've tried 18.0.2 & 19.0.1

Expected behavior

Expecting the app to let me sign in.

Actual behavior

App does not let me sign in.
No errors shown in log files.

How to Reproduce?

Follow the steps shown in the Quickstart guide using the version numbers used in the bug description.

Anything else?

No response

Issue when deploying app-authz-jee-vanilla with wildfly

Describe the bug

I have tried to deploy app-authz-jee-vanilla on wildfly as described in the Building and deploying the application documentation and I am facing the following mvn error:
`[WARNING] Error injecting: org.apache.maven.plugin.war.WarMojo
com.google.inject.ProvisionException: Unable to provision, see the following errors:

  1. Error injecting constructor, java.lang.ExceptionInInitializerError
    at org.apache.maven.plugin.war.WarMojo.(Unknown Source)
    while locating org.apache.maven.plugin.war.WarMojo

1 error
at com.google.inject.internal.InternalProvisionException.toProvisionException (InternalProvisionException.java:226)
at com.google.inject.internal.InjectorImpl$1.get (InjectorImpl.java:1053)
at com.google.inject.internal.InjectorImpl.getInstance (InjectorImpl.java:1086)
at org.eclipse.sisu.space.AbstractDeferredClass.get (AbstractDeferredClass.java:48)
at com.google.inject.internal.ProviderInternalFactory.provision (ProviderInternalFactory.java:85)
at com.google.inject.internal.InternalFactoryToInitializableAdapter.provision (InternalFactoryToInitializableAdapter.java:57)
at com.google.inject.internal.ProviderInternalFactory$1.call (ProviderInternalFactory.java:66)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:112)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:127)
at com.google.inject.internal.ProvisionListenerStackCallback.provision (ProvisionListenerStackCallback.java:66)
at com.google.inject.internal.ProviderInternalFactory.circularGet (ProviderInternalFactory.java:61)
at com.google.inject.internal.InternalFactoryToInitializableAdapter.get (InternalFactoryToInitializableAdapter.java:47)
at com.google.inject.internal.InjectorImpl$1.get (InjectorImpl.java:1050)
at org.eclipse.sisu.inject.Guice4$1.get (Guice4.java:162)
at org.eclipse.sisu.inject.LazyBeanEntry.getValue (LazyBeanEntry.java:81)
at org.eclipse.sisu.plexus.LazyPlexusBean.getValue (LazyPlexusBean.java:51)
at org.codehaus.plexus.DefaultPlexusContainer.lookup (DefaultPlexusContainer.java:263)
at org.codehaus.plexus.DefaultPlexusContainer.lookup (DefaultPlexusContainer.java:255)
at org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo (DefaultMavenPluginManager.java:520)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:124)
at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute (MojoExecutor.java:301)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:211)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:165)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:157)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:121)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:56)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:127)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
at jdk.internal.reflect.DirectMethodHandleAccessor.invoke (DirectMethodHandleAccessor.java:104)
at java.lang.reflect.Method.invoke (Method.java:577)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:282)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:225)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:406)
at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:347)
Caused by: java.lang.ExceptionInInitializerError
at com.thoughtworks.xstream.XStream.setupConverters (XStream.java:679)
at com.thoughtworks.xstream.XStream. (XStream.java:456)
at com.thoughtworks.xstream.XStream. (XStream.java:381)
at com.thoughtworks.xstream.XStream. (XStream.java:356)
at org.apache.maven.plugin.war.util.WebappStructureSerializer. (WebappStructureSerializer.java:47)
at org.apache.maven.plugin.war.AbstractWarMojo. (AbstractWarMojo.java:329)
at org.apache.maven.plugin.war.WarMojo. (WarMojo.java:54)
at jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance (DirectConstructorHandleAccessor.java:67)
at java.lang.reflect.Constructor.newInstanceWithCaller (Constructor.java:499)
at java.lang.reflect.Constructor.newInstance (Constructor.java:483)
at com.google.inject.internal.DefaultConstructionProxyFactory$ReflectiveProxy.newInstance (DefaultConstructionProxyFactory.java:126)
at com.google.inject.internal.ConstructorInjector.provision (ConstructorInjector.java:114)
at com.google.inject.internal.ConstructorInjector.access$000 (ConstructorInjector.java:32)
at com.google.inject.internal.ConstructorInjector$1.call (ConstructorInjector.java:98)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:112)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:127)
at com.google.inject.internal.ProvisionListenerStackCallback.provision (ProvisionListenerStackCallback.java:66)
at com.google.inject.internal.ConstructorInjector.construct (ConstructorInjector.java:93)
at com.google.inject.internal.ConstructorBindingImpl$Factory.get (ConstructorBindingImpl.java:306)
at com.google.inject.internal.InjectorImpl$1.get (InjectorImpl.java:1050)
at com.google.inject.internal.InjectorImpl.getInstance (InjectorImpl.java:1086)
at org.eclipse.sisu.space.AbstractDeferredClass.get (AbstractDeferredClass.java:48)
at com.google.inject.internal.ProviderInternalFactory.provision (ProviderInternalFactory.java:85)
at com.google.inject.internal.InternalFactoryToInitializableAdapter.provision (InternalFactoryToInitializableAdapter.java:57)
at com.google.inject.internal.ProviderInternalFactory$1.call (ProviderInternalFactory.java:66)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:112)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:127)
at com.google.inject.internal.ProvisionListenerStackCallback.provision (ProvisionListenerStackCallback.java:66)
at com.google.inject.internal.ProviderInternalFactory.circularGet (ProviderInternalFactory.java:61)
at com.google.inject.internal.InternalFactoryToInitializableAdapter.get (InternalFactoryToInitializableAdapter.java:47)
at com.google.inject.internal.InjectorImpl$1.get (InjectorImpl.java:1050)
at org.eclipse.sisu.inject.Guice4$1.get (Guice4.java:162)
at org.eclipse.sisu.inject.LazyBeanEntry.getValue (LazyBeanEntry.java:81)
at org.eclipse.sisu.plexus.LazyPlexusBean.getValue (LazyPlexusBean.java:51)
at org.codehaus.plexus.DefaultPlexusContainer.lookup (DefaultPlexusContainer.java:263)
at org.codehaus.plexus.DefaultPlexusContainer.lookup (DefaultPlexusContainer.java:255)
at org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo (DefaultMavenPluginManager.java:520)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:124)
at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute (MojoExecutor.java:301)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:211)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:165)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:157)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:121)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:56)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:127)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
at jdk.internal.reflect.DirectMethodHandleAccessor.invoke (DirectMethodHandleAccessor.java:104)
at java.lang.reflect.Method.invoke (Method.java:577)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:282)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:225)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:406)
at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:347)
Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module @4af7dd6a
at java.lang.reflect.AccessibleObject.checkCanSetAccessible (AccessibleObject.java:354)
at java.lang.reflect.AccessibleObject.checkCanSetAccessible (AccessibleObject.java:297)
at java.lang.reflect.Field.checkCanSetAccessible (Field.java:180)
at java.lang.reflect.Field.setAccessible (Field.java:174)
at com.thoughtworks.xstream.converters.collections.TreeMapConverter. (TreeMapConverter.java:59)
at com.thoughtworks.xstream.XStream.setupConverters (XStream.java:679)
at com.thoughtworks.xstream.XStream. (XStream.java:456)
at com.thoughtworks.xstream.XStream. (XStream.java:381)
at com.thoughtworks.xstream.XStream. (XStream.java:356)
at org.apache.maven.plugin.war.util.WebappStructureSerializer. (WebappStructureSerializer.java:47)
at org.apache.maven.plugin.war.AbstractWarMojo. (AbstractWarMojo.java:329)
at org.apache.maven.plugin.war.WarMojo. (WarMojo.java:54)
at jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance (DirectConstructorHandleAccessor.java:67)
at java.lang.reflect.Constructor.newInstanceWithCaller (Constructor.java:499)
at java.lang.reflect.Constructor.newInstance (Constructor.java:483)
at com.google.inject.internal.DefaultConstructionProxyFactory$ReflectiveProxy.newInstance (DefaultConstructionProxyFactory.java:126)
at com.google.inject.internal.ConstructorInjector.provision (ConstructorInjector.java:114)
at com.google.inject.internal.ConstructorInjector.access$000 (ConstructorInjector.java:32)
at com.google.inject.internal.ConstructorInjector$1.call (ConstructorInjector.java:98)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:112)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:127)
at com.google.inject.internal.ProvisionListenerStackCallback.provision (ProvisionListenerStackCallback.java:66)
at com.google.inject.internal.ConstructorInjector.construct (ConstructorInjector.java:93)
at com.google.inject.internal.ConstructorBindingImpl$Factory.get (ConstructorBindingImpl.java:306)
at com.google.inject.internal.InjectorImpl$1.get (InjectorImpl.java:1050)
at com.google.inject.internal.InjectorImpl.getInstance (InjectorImpl.java:1086)
at org.eclipse.sisu.space.AbstractDeferredClass.get (AbstractDeferredClass.java:48)
at com.google.inject.internal.ProviderInternalFactory.provision (ProviderInternalFactory.java:85)
at com.google.inject.internal.InternalFactoryToInitializableAdapter.provision (InternalFactoryToInitializableAdapter.java:57)
at com.google.inject.internal.ProviderInternalFactory$1.call (ProviderInternalFactory.java:66)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:112)
at com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision (ProvisionListenerStackCallback.java:127)
at com.google.inject.internal.ProvisionListenerStackCallback.provision (ProvisionListenerStackCallback.java:66)
at com.google.inject.internal.ProviderInternalFactory.circularGet (ProviderInternalFactory.java:61)
at com.google.inject.internal.InternalFactoryToInitializableAdapter.get (InternalFactoryToInitializableAdapter.java:47)
at com.google.inject.internal.InjectorImpl$1.get (InjectorImpl.java:1050)
at org.eclipse.sisu.inject.Guice4$1.get (Guice4.java:162)
at org.eclipse.sisu.inject.LazyBeanEntry.getValue (LazyBeanEntry.java:81)
at org.eclipse.sisu.plexus.LazyPlexusBean.getValue (LazyPlexusBean.java:51)
at org.codehaus.plexus.DefaultPlexusContainer.lookup (DefaultPlexusContainer.java:263)
at org.codehaus.plexus.DefaultPlexusContainer.lookup (DefaultPlexusContainer.java:255)
at org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo (DefaultMavenPluginManager.java:520)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:124)
at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute (MojoExecutor.java:301)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:211)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:165)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:157)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:121)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:56)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:127)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
at jdk.internal.reflect.DirectMethodHandleAccessor.invoke (DirectMethodHandleAccessor.java:104)
at java.lang.reflect.Method.invoke (Method.java:577)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:282)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:225)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:406)
at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:347)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.187 s
[INFO] Finished at: 2022-07-01T18:39:10+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-war-plugin:2.6:war (default-war) on project keycloak-app-authz-jee-vanilla: Execution default-war of goal org.apache.maven.plugins:maven-war-plugin:2.6:war failed: Unable to load the mojo 'war' in the plugin 'org.apache.maven.plugins:maven-war-plugin:2.6' due to an API incompatibility: org.codehaus.plexus.component.repository.exception.ComponentLookupException: null
[ERROR] -----------------------------------------------------
[ERROR] realm = plugin>org.apache.maven.plugins:maven-war-plugin:2.6
[ERROR] strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
[ERROR] urls[0] = file:/Users/yoann/.m2/repository/org/apache/maven/plugins/maven-war-plugin/2.6/maven-war-plugin-2.6.jar
[ERROR] urls[1] = file:/Users/yoann/.m2/repository/backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.jar
[ERROR] urls[2] = file:/Users/yoann/.m2/repository/junit/junit/3.8.1/junit-3.8.1.jar
[ERROR] urls[3] = file:/Users/yoann/.m2/repository/org/slf4j/slf4j-jdk14/1.5.6/slf4j-jdk14-1.5.6.jar
[ERROR] urls[4] = file:/Users/yoann/.m2/repository/org/slf4j/jcl-over-slf4j/1.5.6/jcl-over-slf4j-1.5.6.jar
[ERROR] urls[5] = file:/Users/yoann/.m2/repository/org/apache/maven/reporting/maven-reporting-api/2.2.1/maven-reporting-api-2.2.1.jar
[ERROR] urls[6] = file:/Users/yoann/.m2/repository/org/apache/maven/doxia/doxia-sink-api/1.1/doxia-sink-api-1.1.jar
[ERROR] urls[7] = file:/Users/yoann/.m2/repository/org/apache/maven/doxia/doxia-logging-api/1.1/doxia-logging-api-1.1.jar
[ERROR] urls[8] = file:/Users/yoann/.m2/repository/commons-cli/commons-cli/1.2/commons-cli-1.2.jar
[ERROR] urls[9] = file:/Users/yoann/.m2/repository/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.jar
[ERROR] urls[10] = file:/Users/yoann/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar
[ERROR] urls[11] = file:/Users/yoann/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
[ERROR] urls[12] = file:/Users/yoann/.m2/repository/org/apache/maven/maven-archiver/2.6/maven-archiver-2.6.jar
[ERROR] urls[13] = file:/Users/yoann/.m2/repository/org/apache/maven/shared/maven-shared-utils/0.7/maven-shared-utils-0.7.jar
[ERROR] urls[14] = file:/Users/yoann/.m2/repository/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.jar
[ERROR] urls[15] = file:/Users/yoann/.m2/repository/org/codehaus/plexus/plexus-io/2.4.1/plexus-io-2.4.1.jar
[ERROR] urls[16] = file:/Users/yoann/.m2/repository/commons-io/commons-io/2.2/commons-io-2.2.jar
[ERROR] urls[17] = file:/Users/yoann/.m2/repository/org/codehaus/plexus/plexus-archiver/2.9/plexus-archiver-2.9.jar
[ERROR] urls[18] = file:/Users/yoann/.m2/repository/org/apache/commons/commons-compress/1.9/commons-compress-1.9.jar
[ERROR] urls[19] = file:/Users/yoann/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.21/plexus-interpolation-1.21.jar
[ERROR] urls[20] = file:/Users/yoann/.m2/repository/com/thoughtworks/xstream/xstream/1.4.4/xstream-1.4.4.jar
[ERROR] urls[21] = file:/Users/yoann/.m2/repository/xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar
[ERROR] urls[22] = file:/Users/yoann/.m2/repository/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar
[ERROR] urls[23] = file:/Users/yoann/.m2/repository/org/codehaus/plexus/plexus-utils/3.0.20/plexus-utils-3.0.20.jar
[ERROR] urls[24] = file:/Users/yoann/.m2/repository/org/apache/maven/shared/maven-filtering/1.3/maven-filtering-1.3.jar
[ERROR] urls[25] = file:/Users/yoann/.m2/repository/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.jar
[ERROR] urls[26] = file:/Users/yoann/.m2/repository/org/apache/maven/shared/maven-mapping/1.0/maven-mapping-1.0.jar
[ERROR] Number of foreign imports: 1
[ERROR] import: Entry[import from realm ClassRealm[maven.api, parent: null]]
[ERROR]
[ERROR] -----------------------------------------------------
[ERROR] : ExceptionInInitializerError: Unable to make field private final java.util.Comparator java.util.TreeMap.comparator accessible: module java.base does not "opens java.util" to unnamed module 4af7dd6a`

I have of course created a realm in my keycloak server as mentioned earlier in the doc and stored the keycloak.json in the config directory as follows:

    {
        "realm": "hello-world-authz",
        "auth-server-url": "https://<myhost>.westeurope.cloudapp.azure.com/auth/",
        "ssl-required": "external",
        "resource": "app-authz-vanilla",
        "verify-token-audience": true,
        "credentials": {
            "secret": "<my_secret_key>"
        },
        "confidential-port": 0,
        "policy-enforcer": {
            "on-deny-redirect-to": "/app-authz-vanilla/error.jsp"
        }
    }

Any idea?

Version

16.1.1

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response

Issue with policy-enforcer-config

Describe the bug

Hello,

I am trying to develop a rest API in spring boot using examples from keycloak-quickstarts/app-authz-rest-springboot

I am using Spring Boot V2.7.1, Java Version 18 and keycloak-spring-boot-starter V18.0.1.

In my applications.properties file and applications.yml file (I used both ways) I am trying to use policy-enforcer-config settings, but when I execute my application and access it from Postman I receive the following error: Failed to obtain policy enforcer

Also, IntelliJ does not seem to support the policy-enforcer-config settings. For example: Cannot resolve configuration property 'keycloak.policy-enforcer-config.paths'

Can you please help?

Thank you in advance,
George

Version

18.0.1

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response

Quickstarts update to use Quarkus distribution

Description

Hi
I'm currently updating some custom extensions to use the new Quarkus distribution.
What's the suggested way to inherit Maven dependencies to access the new Quarkus-provided Arc container?

Arc.container()

Currently using this in pom.xml but not sure it's too broad of a dependency:

    <dependency>
        <groupId>org.keycloak</groupId>
        <artifactId>keycloak-quarkus-server-deployment</artifactId>
        <version>${version.keycloak}</version>
    </dependency>

Requiring Arc container to do something similar to this:

Arc.container().instance(EntityManagerFactory.class, new io.quarkus.hibernate.orm.PersistenceUnit.PersistenceUnitLiteral("A")).get()

Discussion

https://stackoverflow.com/questions/72291220/quarkus-programmatically-retrieve-named-jta-datasource?noredirect=1#comment127753978_72291220

Vue Demo not running

Describe the bug

After I compiled and ran the Vue demo, it doesn't show anything in the browser.

Version

11.0.1

Expected behavior

The browser should render a keycloak instance

Actual behavior

Nothing is rendered on screen

How to Reproduce?

  1. clone the repo and navigate to this
  2. Run the demo
  3. Voila

Anything else?

No response

Something happened to Keycloak 15.1.1

Describe the bug

Lots of tests are failing this morning, as the image for 15.1.1 appears to be missing;

Back-off pulling image "quay.io/keycloak/keycloak:15.1.1"

I assume it's a deeper problem than that, and it appears as if the 15.1.1 release might have been pulled from service:

https://www.keycloak.org/docs/latest/release_notes/

I pull my manifests directly from the quickstart, so I can back down to an earlier version for my systems, but just curious what has happened, if anyone can provide a link or reference!

Version

15.1.1

Expected behavior

Image should not be missing and quickstart tests should pass in general on a release

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response

Quickstarts tests broken due to wrong version in pom

Describe the bug

The module user-storage-jpa-legacy still declares 18.0.0-SNAPSHOT as development version. Lately this was changed to use 999-SNAPSHOT instead. This causes the main repo CI step Quickstarts Tests to break, see e.g. https://github.com/keycloak/keycloak/runs/6493560232?check_suite_focus=true#step:8:4617

Version

current

Expected behavior

the error does not show up anymore.

Actual behavior

error shows up.

How to Reproduce?

No response

Anything else?

will provide a pr

Issue when deploying app-profile-jee-vanilla with Wildfly

Describe the bug

I have tried to deploy app-profile-jee-vanilla on wildfly as described in the Build and Deploy the Quickstart (https://github.com/keycloak/keycloak-quickstarts/tree/main/app-profile-jee-vanilla) documentation and I am facing the following mvn error when trying to deploy the quickstart:

'Failed to execute goal org.wildfly.plugins:wildfly-maven-plugin:1.2.2.Final:deploy : Failed to execute goal deploy: {"WFLYCTL0062: Composite operation failed and was rolled back.'

More detailed screenshots of the errors in question from the Quickstart shell and the Wildfly shell can be found here: Screenshots of the errors (https://drive.google.com/drive/folders/1-UikwADzidf0BVPBSl8zNntAsQsfIfub?usp=sharing)

The screenshots should be viewable for all Red Hat emails.

Full copy of detailed error shown below also.

[ERROR] Failed to execute goal org.wildfly.plugins:wildfly-maven-plugin:1.2.2.Final:deploy (default-cli) on project keycloak-app-profile-jee-vanilla: Failed to execute goal deploy: {"WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:" => {"Operation step-1" => {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit."vanilla.war".undertow-deployment" => "java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory.
[ERROR] Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory.
[ERROR] Caused by: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory."}}}}
[ERROR] -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.wildfly.plugins:wildfly-maven-plugin:1.2.2.Final:deploy (default-cli) on project keycloak-app-profile-jee-vanilla: Failed to execute goal deploy: {"WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:" => {"Operation step-1" => {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit."vanilla.war".undertow-deployment" => "java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory.
Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory.
Caused by: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory."}}}}
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:215)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:156)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:148)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:56)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
at org.apache.maven.cli.MavenCli.execute (MavenCli.java:972)
at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke (Method.java:566)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:282)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:225)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:406)
at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:347)
Caused by: org.apache.maven.plugin.MojoExecutionException: Failed to execute goal deploy: {"WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:" => {"Operation step-1" => {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit."vanilla.war".undertow-deployment" => "java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory.
Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory.
Caused by: java.lang.IllegalStateException: The required mechanism 'BASIC' is not available in mechanisms [KEYCLOAK] from the HttpAuthenticationFactory."}}}}
at org.wildfly.plugin.deployment.AbstractDeployment.execute (AbstractDeployment.java:152)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:137)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:210)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:156)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:148)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:56)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
at org.apache.maven.cli.MavenCli.execute (MavenCli.java:972)
at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke (Method.java:566)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:282)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:225)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:406)
at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:347)
[ERROR]

Any help would be appreciated.

Version

Running on docker as shown in 'https://github.com/keycloak/keycloak-quickstarts/blob/main/docs/getting-started.md#keycloak'

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

Follow steps shown in Documentation.

Anything else?

No response

JavaScript Provider quickstarts on Java 17

Description

From Java 15 and later, there is no script engine available in Java itself. We also won't have any script engine available by default inside the Keycloak server. Hence there are some additional steps needed for people working with their applications on Java 15 or later.

This issue is to adjust quickstarts to make sure they contain necessary instructions and bits to be able to have JS provider quickstarts working in the Keycloak distribution when running on Java 15 or later.

See keycloak/keycloak#9945 for the details of the original issue in the main codebase repository.

Discussion

No response

Motivation

No response

Details

No response

user-storage-jpa throwing error "The application must supply JDBC connections"

Describe the bug

Hi everyone
I'm testing the Quarkus-updated user-storage-jpa quickstart in order to subsequently upgrade multiple-ds-user-storage.

When starting the server, the following error is thrown and Quarkus fails to start up.

The application must supply JDBC connections 

Below is the full stack trace:

WARN  [org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator] (JPA Startup Thread: user-store) HHH000342: Could not obtain connection to query metadata: java.lang.UnsupportedOperationException: The application must supply JDBC connections
at org.hibernate.engine.jdbc.connections.internal.UserSuppliedConnectionProviderImpl.getConnection(UserSuppliedConnectionProviderImpl.java:44)
at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator$ConnectionProviderJdbcConnectionAccess.obtainConnection(JdbcEnvironmentInitiator.java:181)
at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator.initiateService(JdbcEnvironmentInitiator.java:68)
at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator.initiateService(JdbcEnvironmentInitiator.java:35)
at org.hibernate.boot.registry.internal.StandardServiceRegistryImpl.initiateService(StandardServiceRegistryImpl.java:101)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.createService(AbstractServiceRegistryImpl.java:263)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.initializeService(AbstractServiceRegistryImpl.java:237)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.getService(AbstractServiceRegistryImpl.java:214)
at org.hibernate.engine.jdbc.internal.JdbcServicesImpl.configure(JdbcServicesImpl.java:51)
at org.hibernate.boot.registry.internal.StandardServiceRegistryImpl.configureService(StandardServiceRegistryImpl.java:107)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.initializeService(AbstractServiceRegistryImpl.java:246)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.getService(AbstractServiceRegistryImpl.java:214)
at org.hibernate.boot.internal.SessionFactoryOptionsBuilder.<init>(SessionFactoryOptionsBuilder.java:272)
at io.quarkus.hibernate.orm.runtime.recording.PrevalidatedQuarkusMetadata.buildSessionFactoryOptionsBuilder(PrevalidatedQuarkusMetadata.java:68)
at io.quarkus.hibernate.orm.runtime.boot.FastBootEntityManagerFactoryBuilder.build(FastBootEntityManagerFactoryBuilder.java:72)
at io.quarkus.hibernate.orm.runtime.FastBootHibernatePersistenceProvider.createEntityManagerFactory(FastBootHibernatePersistenceProvider.java:71)
at javax.persistence.Persistence.createEntityManagerFactory(Persistence.java:80)
at javax.persistence.Persistence.createEntityManagerFactory(Persistence.java:55)
at io.quarkus.hibernate.orm.runtime.JPAConfig$LazyPersistenceUnit.get(JPAConfig.java:138)
at io.quarkus.hibernate.orm.runtime.JPAConfig$1.run(JPAConfig.java:54)
at java.base/java.lang.Thread.run(Thread.java:829)

Version

18.0.1

Expected behavior

Keycloak to start up.

Actual behavior

Keycloak unable to start up.

How to Reproduce?

Minimum Reproducible Example repo available at https://github.com/nicolabeghin/keycloak-issue-quarkus-user-storage-jpa

git clone git@github.com:keycloak/keycloak-quickstarts.git
cd keycloak-quickstarts/user-storage-jpa
mvn package
cp target/user-storage-jpa-example.jar <keycloak>/providers/
docker build -t keycloak_test_image .
docker run --rm -it keycloak_test_image

By removing the user-storage-jpa-example.jar, server starts up fine.

Anything else?

Related issue #303

keycloak-user-storage-properties KO in 20.0

Describe the bug

When I want to compile and generate a jar from the project keycloak-user-storage-properties, I have errors like:
[ERROR] /home/florian/Documents/perso/keycloak-quickstarts/user-storage-simple/src/main/java/org/keycloak/quickstart/writeable/PropertyFileUserStorageProvider.java:[53,8]

Here we must implement methods from:
UserStorageProvider,
UserLookupProvider,
CredentialInputValidator,
CredentialInputUpdater,
UserRegistrationProvider,
UserQueryProvider

Version

20.0

Expected behavior

A build success

Actual behavior

A build failure

How to Reproduce?

Check out 20.0 and try to clean install with Java 11.0

Anything else?

I have already forked the project and fixed it on my fork.
Btw, it's my first open source contribution, so if something is missing, tell me.

Some tests broken due to the OIDC RP-Initiated Logout

Describe the bug

It seems there are a few test failures, which are probably caused by OIDC RP-Initiated Logout keycloak/keycloak#10885. Some details:

Tests in error: 
  ArquillianAuthzUMATest.testRequestEntitlements:181 » NoSuchElement no such ele...
  ArquillianAuthzUMATest.testShareResource:200 » NoSuchElement no such element: ...
....
Tests in error: 
  ArquillianAuthzUMATest.testShareResource:170 » NoSuchElement no such element: ...
....

Results :

Tests in error: 
  ArquillianJeeHtml5Test.testAdminWithAuthAndRole:145 » NoSuchElement no such el...

Tests run: 5, Failures: 0, Errors: 1, Skipped: 0
.....

 FAILED TESTS:
- app-authz-photoz
- app-authz-uma-photoz
- app-jee-html5
Check individual logs for details

Version

18.0.0-SNAPSHOT

Import app-authz-spring-security/config/quickstart-realm.json Error

Describe the bug

docker run quay.io/keycloak/keycloak:17.0.0

new realm with config json from app-authz-spring-security/config/quickstart-realm.json version(17.0.0)

Version

17.0.0 16.1.1

Expected behavior

import success.

Actual behavior

show:

Error! An unexpected server error has occurred

the server log:

2022-02-13 13:15:16,610 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-7) Uncaught server error: java.lang.NullPointerException
	at org.keycloak.models.utils.RepresentationToModel.toModel(RepresentationToModel.java:2466)
	at org.keycloak.authorization.AuthorizationProvider$3.create(AuthorizationProvider.java:351)
	at org.keycloak.models.utils.RepresentationToModel.importPolicies(RepresentationToModel.java:2392)
	at org.keycloak.models.utils.RepresentationToModel.toModel(RepresentationToModel.java:2340)
	at org.keycloak.models.utils.RepresentationToModel.importAuthorizationSettings(RepresentationToModel.java:2287)
	at org.keycloak.models.utils.RepresentationToModel.lambda$importRealmAuthorizationSettings$9(RepresentationToModel.java:2265)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
	at org.keycloak.models.utils.RepresentationToModel.importRealmAuthorizationSettings(RepresentationToModel.java:2263)
	at org.keycloak.models.utils.RepresentationToModel.importRealm(RepresentationToModel.java:431)
	at org.keycloak.services.managers.RealmManager.importRealm(RealmManager.java:557)
	at org.keycloak.services.managers.RealmManager.importRealm(RealmManager.java:495)
	at org.keycloak.services.resources.admin.RealmsAdminResource.importRealm(RealmsAdminResource.java:133)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
	at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
	at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
	at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
	at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192)
	at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141)
	at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32)
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
	at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
	at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
	at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
	at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
	at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
	at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
	at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
	at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
	at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
	at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
	at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
	at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:67)
	at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:55)
	at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
	at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
	at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
	at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:362)
	at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:340)
	at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
	at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
	at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
	at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$1(QuarkusRequestFilter.java:66)
	at io.vertx.core.impl.ContextImpl.lambda$null$0(ContextImpl.java:159)
	at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:100)
	at io.vertx.core.impl.ContextImpl.lambda$executeBlocking$1(ContextImpl.java:157)
	at io.quarkus.vertx.core.runtime.VertxCoreRecorder$13.runWith(VertxCoreRecorder.java:543)
	at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
	at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
	at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.base/java.lang.Thread.run(Thread.java:829)

How to Reproduce?

keycloak.mysql.sql

create database keycloak CHARACTER SET utf8 COLLATE utf8_unicode_ci;

docker-compose.yml

version: "3.1"
services:
  server-db:
    container_name: server-db
    hostname: server-db
    image: mysql:5.7
    restart: always
    ports:
      - "4101:3306"
    expose:
      - 3306
    environment:
      MYSQL_ROOT_PASSWORD: root
    volumes:
      - ./server/initdb.d:/docker-entrypoint-initdb.d
    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --lower-case-table-names=1 --wait-timeout=7200 --interactive-timeout=7200 --max-connections=2048
  keycloak:
    container_name: keycloak
    hostname: keycloak
    restart: always
    image: quay.io/keycloak/keycloak:17.0.0
    environment:
      DB_VENDOR: MYSQL
      DB_ADDR: server-db
      DB_DATABASE: keycloak
      DB_USER: root
      DB_PASSWORD: root
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
      # Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the MySQL JDBC driver documentation in order to use it.
      JDBC_PARAMS: "useUnicode=true&characterEncoding=UTF-8&useSSL=false"
    command:
      - start-dev
    ports:
      - "8180:8080"
    expose:
      - 8080
    depends_on:
      - server-db

• login admin console
• add realm
• select app-authz-spring-security/config/quickstart-realm.json and submit

Anything else?

16.1.1 version docker image has the same response.

Quickstart app-jee-html5 fails in GitHub CI action

Describe the bug

The tests fail on GitHub actions most of the time and sometimes pass. Locally, they complete. It might be a timing issue.

2022-06-20T07:55:28.5584987Z Tests in error: 
2022-06-20T07:55:28.5585838Z   ArquillianJeeHtml5Test.testAdminResource:132 » Timeout Expected condition fail...
2022-06-20T07:55:28.5586434Z   ArquillianJeeHtml5Test.testAdminWithAuthAndRole:147 » Timeout Expected conditi...

Version

999-SNAPSHOT

On main, several examples fail with "Legacy WildFly security layer is no longer supported"

Describe the bug

When running the quickstart compile action on the main Keycloak repository, the quickstarts fail with the following message:

Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter

$ grep -E '(Z Caused by:.*Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter|Running tests for)' qs1.txt
Running tests for action-token-authenticator QS
Running tests for action-token-required-action QS
Running tests for app-authz-rest-springboot QS
Running tests for app-authz-spring-security QS
Running tests for app-authz-springboot QS
Running tests for app-authz-springboot-multitenancy QS
Running tests for app-authz-jee-servlet QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-authz-jee-vanilla QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-authz-photoz QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-authz-rest-employee QS
Running tests for app-authz-uma-photoz QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-jee-html5 QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-jee-jsp QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-profile-jee-html5 QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-profile-jee-jsp QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-profile-jee-vanilla QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for app-profile-saml-jee-jsp QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for event-listener-sysout QS
Running tests for event-store-mem QS
Running tests for extend-account-console QS
Running tests for service-jee-jaxrs QS
Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
Running tests for service-springboot-rest QS
Running tests for user-storage-jpa-legacy QS
Running tests for user-storage-simple QS
Running tests for app-springboot QS

Version

999-SNAPSHOT
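
The grep output in the issue above interleaves "Running tests for" markers with "Caused by" lines, so the failing quickstarts have to be read off by eye. As an added example (not part of the original issue or the project's CI scripts), the following attributes each occurrence of the adapter message to the quickstart that was running; the function names and the sample log lines are constructed for illustration, and the optional timestamp prefix is assumed to follow the GitHub Actions format.

```shell
#!/usr/bin/env bash
# Added example (not from the issue): attribute each "Legacy WildFly security
# layer" failure in a CI log to the quickstart whose tests were running.

MSG='Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter'

# classify_quickstarts (hypothetical name): reads a log on stdin and prints
# one line per quickstart: "<quickstart> FAIL" or "<quickstart> ok".
classify_quickstarts() {
  awk -v msg="$MSG" '
    # Drop an optional GitHub Actions timestamp prefix such as
    # "2022-06-20T07:55:28.5584987Z " so raw and stripped logs both parse.
    { sub(/^[0-9][0-9T:.-]*Z /, "") }

    # A new "Running tests for <name> QS" line closes the previous section.
    /^Running tests for .* QS$/ {
      if (name != "") print name, (hit ? "FAIL" : "ok")
      name = $4; hit = 0
      next
    }

    # Only the exact adapter message counts; other "Caused by:" lines do not.
    /^Caused by:/ && index($0, msg) > 0 && name != "" { hit = 1 }

    END { if (name != "") print name, (hit ? "FAIL" : "ok") }
  '
}

# failing_quickstarts (hypothetical name): names of affected quickstarts only.
failing_quickstarts() {
  classify_quickstarts | awk '$2 == "FAIL" { print $1 }'
}

# Constructed sample log; the quickstart names are taken from the issue, the
# timestamps and the surrounding lines are made up for the example.
sample_log() {
  cat <<'EOF'
2022-06-20T07:55:01.0000001Z Running tests for app-authz-springboot QS
2022-06-20T07:55:02.0000001Z [INFO] BUILD SUCCESS
2022-06-20T07:55:03.0000001Z Running tests for app-authz-jee-servlet QS
2022-06-20T07:55:04.0000001Z Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
2022-06-20T07:55:05.0000001Z Running tests for app-jee-html5 QS
2022-06-20T07:55:06.0000001Z Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
2022-06-20T07:55:07.0000001Z Caused by: java.lang.RuntimeException: Legacy WildFly security layer is no longer supported by the Keycloak WildFly adapter
2022-06-20T07:55:08.0000001Z Running tests for event-listener-sysout QS
2022-06-20T07:55:09.0000001Z Caused by: java.lang.IllegalStateException: constructed unrelated error
EOF
}

# Stand-alone run: print the per-quickstart classification of the sample.
sample_log | classify_quickstarts
```

Against a real run, feed the saved job log on stdin, for example `failing_quickstarts < qs1.txt`.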

Update user-storage-jpa example to use Quarkus

Description

The [user-storage-jpa example](https://github.com/keycloak/keycloak-quickstarts/tree/latest/user-storage-jpa) is still based on Wildfly.
How to migrate to Quarkus?

Discussion

No response

Motivation

We have a custom user storage provider based on the example user-storage-jpa.
We have to migrate to Keycloak based on Quarkus by June 2022.
It would be very helpful if you could update the example to work with the Quarkus distribution.

Details

No response

Non-resolvable import POM

It appears that there are some mvn dependency issues:

Non-resolvable import POM: Failure to find org.keycloak.bom:keycloak-adapter-bom:pom:3.1.0.CR1-SNAPSHOT

Upgrade to the existing "UserStorageJpa" example for the new Keycloak Quarkus version

Description

The "UserStorageJpa" example is based on the old Keycloak WildFly version using JEE technology, and I think maybe it will have to be upgraded, indicating how to create an additional datasource for an external legacy DB and so on.

Discussion

No response

Motivation

It should be added because people should know how to integrate an existing legacy users database where Keycloak can read users' data.

Details

No response

Keycloak 18.0.1 issue with authorization and multiple policies/permissions

Describe the bug

After migrating from Keycloak 3.1.0 to Keycloak 18.0.1,

we are getting an issue with multiple policies/permissions.

Policy A - user A with scope A,B,C works fine.
Policy B - user B with scope B,C,D gives 403.
Policy C - user C with scope C,D,E gives 403.

If User B is added to Policy A, it works fine and returns the combined result of scope A,B,C,D.

For User C, we need to add this user to both policy A,B, and it works fine and returns the combined result of scope A,B,C,D,E.

We want this to work independently. For user B and C to work by adding them to policy B for user B and policy C for user C.

Both Policies are Positive and Both Permissions are Affirmative.

In the Evaluate page it shows as expected, but from Postman it gives an error.

Version

keycloak-18.0.1

Expected behavior

We want this to work independently.
For user B and C to work by adding them to policy B for user B and policy C for user C.

This was working fine in keycloak 3.1.0

Actual behavior

Policy A - user A with scope A,B,C works fine.
Policy B - user B with scope B,C,D gives 403.
Policy C - user C with scope C,D,E gives 403.

If User B is added to Policy A, it works fine and returns the combined result of scope A,B,C,D.

For User C, we need to add this user to both policy A,B, and it works fine and returns the combined result of scope A,B,C,D,E.

How to Reproduce?

Create a client.
Add Authorization to the client
Create Permission, policies and scopes.

Assign User and scopes to each policy.

The first created permission/policy works fine.
The Second created permission/policy gives 403. But if this user is assigned to first permission/policy then it works fine but it returns both scopes from first and second permission

Anything else?

No response

Run Keycloak in a cluster

Description

I am trying to deploy a cluster on two virtual machines to get a fail-safe configuration.
According to the official documentation, you need to configure the distributed caches. https://www.keycloak.org/server/caching
But there I can't find where I can clearly indicate the IP of the 2nd node. If I run kc.sh start on the 1st node and then on the 2nd, I see this in the logs:
2022-03-20 11:39:16,981 INFO [org.infinispan.CLUSTER] (jgroups-8,vm-keycloak-01-52670) ISPN000094: Received new cluster view for channel ISPN: [vm-keycloak-01-52670|1] (2) [vm-keycloak-01-52670, vm-keycloak-02-22937]
2022-03-20 11:39:16,988 INFO [org.infinispan.CLUSTER] (jgroups-8,vm-keycloak-01-52670) ISPN100000: Node vm-keycloak-02-22937 joined the cluster
2022-03-20 11:39:17,441 INFO [org.infinispan.CLUSTER] (jgroups-12,vm-keycloak-01-52670) [Context=authenticationSessions] ISPN100002: Starting rebalance with members [vm-keycloak-01-52670, vm-keycloak-02-22937], phase READ_OLD_WRITE_ALL, topology id 2
2022-03-20 11:39:17,666 INFO [org.infinispan.CLUSTER] (jgroups-12,vm-keycloak-01-52670) [Context=authenticationSessions] ISPN100009: Advancing to rebalance phase READ_ALL_WRITE_ALL, topology id 3
2022-03-20 11:39:17,682 INFO [org.infinispan.CLUSTER] (jgroups-12,vm-keycloak-01-52670) [Context=authenticationSessions] ISPN100009: Advancing to rebalance phase READ_NEW_WRITE_ALL, topology id 4
2022-03-20 11:39:17,690 INFO [org.infinispan.CLUSTER] (jgroups-12,vm-keycloak-01-52670) [Context=authenticationSessions] ISPN100010: Finished rebalance with members [vm-keycloak-01-52670, vm-keycloak-02-22937], topology id 5

If I understand correctly, Keycloak makes a broadcast connection to all addresses and finds where Keycloak is already running.
I am going to deploy two isolated clusters (test and prod) in one VLAN. How can I hard-code the list of addresses for the clusters?

Discussion

No response

Motivation

Make the cluster more manageable and add the ability to clearly set node addresses.

Details

No response

Remove Fuse quickstarts

Description

Keycloak 19 will no longer provide a Fuse adapter, so the quickstarts can be removed.

Discussion

No response

Motivation

No response

Details

No response

Add information about failed Keycloak start

Description

When the Keycloak startup fails, the only log provided is the following:

Starting Keycloak.................................................. timeout!
Error: Process completed with exit code 1.

This is not helpful to find the cause. Therefore it should output the log of the Keycloak server that might show exceptions or other information.

Discussion

main

Motivation

Provide more information to analyze build failures.

Details

No response

Dependency org.apache.tomcat.embed:tomcat-embed-core, leading to CVE problem

Hi, in app-authz-springboot/, there is a dependency org.apache.tomcat.embed:tomcat-embed-core:8.5.31 that calls the risk method.

CVE-2019-17563

The scope of this CVE affected version is [9.0.0.M1, 9.0.30),[8.5.0,8.5.50),[,7.0.99)

After further analysis, in this project, the main Api called is org.apache.catalina.authenticator.AuthenticatorBase: register(org.apache.catalina.connector.Request,javax.servlet.http.HttpServletResponse,java.security.Principal,java.lang.String,java.lang.String,java.lang.String,boolean,boolean)V

Risk method repair link : GitHub

CVE Bug Invocation Path--

Path Length : 5

org.keycloak.quickstart.springboot.web.ApplicationController: handleLogoutt()Ljava.lang.String; .m2/repository/org/springframework/boot/spring-boot-starter-web/2.0.3.RELEASE/spring-boot-starter-web-2.0.3.RELEASE.jar
org.apache.catalina.connector.Request: logout()V .m2/repository/org/keycloak/keycloak-crypto-default/19.0.3/keycloak-crypto-default-19.0.3.jar
org.apache.catalina.authenticator.AuthenticatorBase: logout(org.apache.catalina.connector.Request)V .m2/repository/org/keycloak/keycloak-crypto-default/19.0.3/keycloak-crypto-default-19.0.3.jar
org.apache.catalina.authenticator.AuthenticatorBase:register(org.apache.catalina.connector.Request,javax.servlet.http.HttpServletResponse,java.security.Principal,java.lang.String,java.lang.String,java.lang.String)V .m2/repository/org/keycloak/keycloak-crypto-default/19.0.3/keycloak-crypto-default-19.0.3.jar
org.apache.catalina.authenticator.AuthenticatorBase:register(org.apache.catalina.connector.Request,javax.servlet.http.HttpServletResponse,java.security.Principal,java.lang.String,java.lang.String,java.lang.String,boolean,boolean)V

Dependency tree--

[INFO] org.keycloak.quickstarts:app-authz-springboot:jar:19.0.3
[INFO] +- org.springframework.boot:spring-boot-starter-freemarker:jar:2.0.3.RELEASE:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter:jar:2.0.3.RELEASE:compile
[INFO] |  |  +- org.springframework.boot:spring-boot:jar:2.0.3.RELEASE:compile
[INFO] |  |  +- org.springframework.boot:spring-boot-autoconfigure:jar:2.0.3.RELEASE:compile
[INFO] |  |  +- org.springframework.boot:spring-boot-starter-logging:jar:2.0.3.RELEASE:compile
[INFO] |  |  |  +- ch.qos.logback:logback-classic:jar:1.2.3:compile
[INFO] |  |  |  |  \- ch.qos.logback:logback-core:jar:1.2.3:compile
[INFO] |  |  |  +- org.apache.logging.log4j:log4j-to-slf4j:jar:2.10.0:compile
[INFO] |  |  |  |  \- org.apache.logging.log4j:log4j-api:jar:2.10.0:compile
[INFO] |  |  |  \- org.slf4j:jul-to-slf4j:jar:1.7.25:compile
[INFO] |  |  +- javax.annotation:javax.annotation-api:jar:1.3.2:compile
[INFO] |  |  \- org.yaml:snakeyaml:jar:1.19:runtime
[INFO] |  +- org.freemarker:freemarker:jar:2.3.28:compile
[INFO] |  \- org.springframework:spring-context-support:jar:5.0.7.RELEASE:compile
[INFO] |     +- org.springframework:spring-beans:jar:5.0.7.RELEASE:compile
[INFO] |     \- org.springframework:spring-context:jar:5.0.7.RELEASE:compile
[INFO] +- org.springframework.boot:spring-boot-starter-web:jar:2.0.3.RELEASE:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter-json:jar:2.0.3.RELEASE:compile
[INFO] |  |  +- com.fasterxml.jackson.datatype:jackson-datatype-jdk8:jar:2.9.6:compile
[INFO] |  |  +- com.fasterxml.jackson.datatype:jackson-datatype-jsr310:jar:2.9.6:compile
[INFO] |  |  \- com.fasterxml.jackson.module:jackson-module-parameter-names:jar:2.9.6:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter-tomcat:jar:2.0.3.RELEASE:compile
[INFO] |  |  +- org.apache.tomcat.embed:tomcat-embed-core:jar:8.5.31:compile
[INFO] |  |  +- org.apache.tomcat.embed:tomcat-embed-el:jar:8.5.31:compile
[INFO] |  |  \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:8.5.31:compile
[INFO] |  +- org.hibernate.validator:hibernate-validator:jar:6.0.10.Final:compile
[INFO] |  |  +- javax.validation:validation-api:jar:2.0.1.Final:compile
[INFO] |  |  +- org.jboss.logging:jboss-logging:jar:3.3.2.Final:compile
[INFO] |  |  \- com.fasterxml:classmate:jar:1.3.4:compile
[INFO] |  +- org.springframework:spring-web:jar:5.0.7.RELEASE:compile
[INFO] |  \- org.springframework:spring-webmvc:jar:5.0.7.RELEASE:compile
[INFO] |     +- org.springframework:spring-aop:jar:5.0.7.RELEASE:compile
[INFO] |     \- org.springframework:spring-expression:jar:5.0.7.RELEASE:compile
[INFO] +- org.keycloak:keycloak-spring-boot-starter:jar:19.0.3:compile
[INFO] |  +- org.keycloak:keycloak-spring-boot-2-adapter:jar:19.0.3:compile
[INFO] |  |  +- org.keycloak:keycloak-spring-boot-adapter-core:jar:19.0.3:compile
[INFO] |  |  \- org.keycloak:keycloak-core:jar:19.0.3:compile
[INFO] |  +- org.keycloak:keycloak-authz-client:jar:19.0.3:compile
[INFO] |  +- org.keycloak:spring-boot-container-bundle:jar:19.0.3:compile
[INFO] |  |  \- org.keycloak:keycloak-adapter-core:jar:19.0.3:compile
[INFO] |  |     \- org.keycloak:keycloak-crypto-default:jar:19.0.3:compile
[INFO] |  \- org.keycloak:keycloak-spring-security-adapter:jar:19.0.3:compile
[INFO] |     +- org.keycloak:keycloak-adapter-spi:jar:19.0.3:compile
[INFO] |     +- org.slf4j:slf4j-api:jar:1.7.25:compile
[INFO] |     \- org.bouncycastle:bcprov-jdk15on:jar:1.68:compile
[INFO] +- org.apache.httpcomponents:httpclient:jar:4.5.2:compile
[INFO] |  +- org.apache.httpcomponents:httpcore:jar:4.4.9:compile
[INFO] |  \- commons-codec:commons-codec:jar:1.11:compile
[INFO] +- org.springframework.boot:spring-boot-starter-test:jar:2.0.3.RELEASE:test
[INFO] |  +- org.springframework.boot:spring-boot-test:jar:2.0.3.RELEASE:test
[INFO] |  +- org.springframework.boot:spring-boot-test-autoconfigure:jar:2.0.3.RELEASE:test
[INFO] |  +- com.jayway.jsonpath:json-path:jar:2.4.0:test
[INFO] |  |  \- net.minidev:json-smart:jar:2.3:test
[INFO] |  |     \- net.minidev:accessors-smart:jar:1.2:test
[INFO] |  |        \- org.ow2.asm:asm:jar:5.0.4:test
[INFO] |  +- org.assertj:assertj-core:jar:3.9.1:test
[INFO] |  +- org.mockito:mockito-core:jar:2.15.0:test
[INFO] |  |  +- net.bytebuddy:byte-buddy:jar:1.7.11:test
[INFO] |  |  +- net.bytebuddy:byte-buddy-agent:jar:1.7.11:test
[INFO] |  |  \- org.objenesis:objenesis:jar:2.6:test
[INFO] |  +- org.hamcrest:hamcrest-core:jar:1.3:test
[INFO] |  +- org.hamcrest:hamcrest-library:jar:1.3:test
[INFO] |  +- org.skyscreamer:jsonassert:jar:1.5.0:test
[INFO] |  |  \- com.vaadin.external.google:android-json:jar:0.0.20131108.vaadin1:test
[INFO] |  +- org.springframework:spring-core:jar:5.0.7.RELEASE:compile
[INFO] |  |  \- org.springframework:spring-jcl:jar:5.0.7.RELEASE:compile
[INFO] |  +- org.springframework:spring-test:jar:5.0.7.RELEASE:test
[INFO] |  \- org.xmlunit:xmlunit-core:jar:2.5.1:test
[INFO] +- org.keycloak:keycloak-test-helper:jar:19.0.3:test
[INFO] |  +- org.keycloak:keycloak-client-registration-api:jar:19.0.3:test
[INFO] |  +- org.keycloak:keycloak-admin-client:jar:19.0.3:test
[INFO] |  |  +- org.keycloak:keycloak-common:jar:19.0.3:compile
[INFO] |  |  +- org.jboss.resteasy:resteasy-multipart-provider:jar:3.7.0.Final:test
[INFO] |  |  |  +- com.sun.mail:javax.mail:jar:1.6.1:test
[INFO] |  |  |  \- org.apache.james:apache-mime4j:jar:0.6:test
[INFO] |  |  \- org.jboss.resteasy:resteasy-jaxb-provider:jar:3.7.0.Final:test
[INFO] |  +- org.jboss.resteasy:resteasy-client:jar:3.7.0.Final:test
[INFO] |  |  +- org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_2.1_spec:jar:1.0.1.Final:test
[INFO] |  |  \- org.jboss.resteasy:resteasy-jaxrs:jar:3.7.0.Final:test
[INFO] |  |     +- org.jboss.spec.javax.xml.bind:jboss-jaxb-api_2.3_spec:jar:1.0.1.Final:test
[INFO] |  |     +- org.reactivestreams:reactive-streams:jar:1.0.2:test
[INFO] |  |     +- org.jboss.spec.javax.annotation:jboss-annotations-api_1.3_spec:jar:1.0.1.Final:test
[INFO] |  |     +- javax.activation:activation:jar:1.1.1:test
[INFO] |  |     \- net.jcip:jcip-annotations:jar:1.0:test
[INFO] |  +- org.jboss.resteasy:resteasy-jackson2-provider:jar:3.7.0.Final:test
[INFO] |  |  +- com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider:jar:2.9.6:test
[INFO] |  |  |  +- com.fasterxml.jackson.jaxrs:jackson-jaxrs-base:jar:2.9.6:test
[INFO] |  |  |  \- com.fasterxml.jackson.module:jackson-module-jaxb-annotations:jar:2.9.6:test
[INFO] |  |  \- com.github.fge:json-patch:jar:1.3:test
[INFO] |  |     \- com.github.fge:jackson-coreutils:jar:1.0:test
[INFO] |  \- org.keycloak:keycloak-services:jar:19.0.3:test
[INFO] |     +- org.bouncycastle:bcpkix-jdk15on:jar:1.68:compile
[INFO] |     +- com.sun.mail:jakarta.mail:jar:1.6.5:test
[INFO] |     |  \- com.sun.activation:jakarta.activation:jar:1.2.1:test
[INFO] |     +- org.glassfish:jakarta.json:jar:1.1.6:test
[INFO] |     +- org.twitter4j:twitter4j-core:jar:4.0.7:test
[INFO] |     +- org.jboss.spec.javax.transaction:jboss-transaction-api_1.3_spec:jar:2.0.0.Final:test
[INFO] |     +- com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:jar:20211018.2:test
[INFO] |     +- com.google.zxing:javase:jar:3.4.0:test
[INFO] |     |  +- com.google.zxing:core:jar:3.4.0:test
[INFO] |     |  \- com.github.jai-imageio:jai-imageio-core:jar:1.4.0:test
[INFO] |     \- com.webauthn4j:webauthn4j-core:jar:0.20.0.RELEASE:test
[INFO] |        +- com.webauthn4j:webauthn4j-util:jar:0.20.0.RELEASE:test
[INFO] |        +- org.apache.kerby:kerby-asn1:jar:2.0.2:test
[INFO] |        +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.9.6:test
[INFO] |        \- org.checkerframework:checker-qual:jar:3.22.0:test
[INFO] +- net.sourceforge.htmlunit:htmlunit:jar:2.29:test
[INFO] |  +- xalan:xalan:jar:2.7.2:test
[INFO] |  |  \- xalan:serializer:jar:2.7.2:test
[INFO] |  +- org.apache.commons:commons-lang3:jar:3.7:test
[INFO] |  +- org.apache.commons:commons-text:jar:1.2:test
[INFO] |  +- org.apache.httpcomponents:httpmime:jar:4.5.5:test
[INFO] |  +- net.sourceforge.htmlunit:htmlunit-core-js:jar:2.28:test
[INFO] |  +- net.sourceforge.htmlunit:neko-htmlunit:jar:2.28:test
[INFO] |  |  \- xerces:xercesImpl:jar:2.11.0:test
[INFO] |  |     \- xml-apis:xml-apis:jar:1.4.01:test
[INFO] |  +- net.sourceforge.cssparser:cssparser:jar:0.9.24:test
[INFO] |  |  \- org.w3c.css:sac:jar:1.3:test
[INFO] |  +- commons-io:commons-io:jar:2.5:test
[INFO] |  +- commons-net:commons-net:jar:3.6:test
[INFO] |  \- org.eclipse.jetty.websocket:websocket-client:jar:9.4.11.v20180605:test
[INFO] |     +- org.eclipse.jetty:jetty-client:jar:9.4.11.v20180605:test
[INFO] |     |  \- org.eclipse.jetty:jetty-http:jar:9.4.11.v20180605:test
[INFO] |     +- org.eclipse.jetty:jetty-xml:jar:9.4.11.v20180605:test
[INFO] |     +- org.eclipse.jetty:jetty-util:jar:9.4.11.v20180605:test
[INFO] |     +- org.eclipse.jetty:jetty-io:jar:9.4.11.v20180605:test
[INFO] |     \- org.eclipse.jetty.websocket:websocket-common:jar:9.4.11.v20180605:test
[INFO] |        \- org.eclipse.jetty.websocket:websocket-api:jar:9.4.11.v20180605:test
[INFO] +- org.seleniumhq.selenium:selenium-api:jar:3.9.1:test
[INFO] +- org.seleniumhq.selenium:htmlunit-driver:jar:2.29.3:test
[INFO] |  \- org.seleniumhq.selenium:selenium-support:jar:3.9.1:test
[INFO] |     +- org.seleniumhq.selenium:selenium-remote-driver:jar:3.9.1:test
[INFO] |     +- org.apache.commons:commons-exec:jar:1.3:test
[INFO] |     +- com.google.code.gson:gson:jar:2.8.5:test
[INFO] |     +- com.google.guava:guava:jar:25.0-jre:test
[INFO] |     +- com.squareup.okhttp3:okhttp:jar:3.9.1:test
[INFO] |     \- com.squareup.okio:okio:jar:1.13.0:test
[INFO] +- org.glassfish:javax.json:jar:1.1.2:compile
[INFO] |  \- javax.json:javax.json-api:jar:1.1.2:compile
[INFO] +- org.eclipse:yasson:jar:1.0.8:compile
[INFO] |  +- jakarta.json.bind:jakarta.json.bind-api:jar:1.0.2:compile
[INFO] |  +- jakarta.json:jakarta.json-api:jar:1.1.6:compile
[INFO] |  \- org.glassfish:jakarta.json:jar:module:1.1.6:compile
[INFO] +- org.jboss.arquillian.junit:arquillian-junit-container:jar:1.4.0.Final:test
[INFO] |  +- org.jboss.arquillian.junit:arquillian-junit-core:jar:1.4.0.Final:test
[INFO] |  +- org.jboss.arquillian.test:arquillian-test-api:jar:1.4.0.Final:test
[INFO] |  |  \- org.jboss.arquillian.core:arquillian-core-api:jar:1.4.0.Final:test
[INFO] |  +- org.jboss.arquillian.test:arquillian-test-spi:jar:1.4.0.Final:test
[INFO] |  |  \- org.jboss.arquillian.core:arquillian-core-spi:jar:1.4.0.Final:test
[INFO] |  +- org.jboss.arquillian.container:arquillian-container-test-api:jar:1.4.0.Final:test
[INFO] |  |  +- org.jboss.shrinkwrap:shrinkwrap-api:jar:1.2.6:test
[INFO] |  |  \- org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:jar:2.0.0:test
[INFO] |  +- org.jboss.arquillian.container:arquillian-container-test-spi:jar:1.4.0.Final:test
[INFO] |  |  \- org.jboss.arquillian.container:arquillian-container-spi:jar:1.4.0.Final:test
[INFO] |  +- org.jboss.arquillian.core:arquillian-core-impl-base:jar:1.4.0.Final:test
[INFO] |  +- org.jboss.arquillian.test:arquillian-test-impl-base:jar:1.4.0.Final:test
[INFO] |  +- org.jboss.arquillian.container:arquillian-container-impl-base:jar:1.4.0.Final:test
[INFO] |  |  +- org.jboss.arquillian.config:arquillian-config-api:jar:1.4.0.Final:test
[INFO] |  |  +- org.jboss.arquillian.config:arquillian-config-impl-base:jar:1.4.0.Final:test
[INFO] |  |  |  \- org.jboss.arquillian.config:arquillian-config-spi:jar:1.4.0.Final:test
[INFO] |  |  \- org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:jar:2.0.0:test
[INFO] |  +- org.jboss.arquillian.container:arquillian-container-test-impl-base:jar:1.4.0.Final:test
[INFO] |  \- org.jboss.shrinkwrap:shrinkwrap-impl-base:jar:1.2.6:test
[INFO] |     \- org.jboss.shrinkwrap:shrinkwrap-spi:jar:1.2.6:test
[INFO] +- junit:junit:jar:4.12:test
[INFO] \- com.fasterxml.jackson.core:jackson-databind:jar:2.9.5:compile
[INFO]    +- com.fasterxml.jackson.core:jackson-annotations:jar:2.9.0:compile
[INFO]    \- com.fasterxml.jackson.core:jackson-core:jar:2.9.6:compile

Suggested solutions:

Update dependency version

Thank you very much.

Version

latest

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response
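Acting on "Update dependency version" means knowing which direct dependency brings in a transitive artifact and whether that artifact ships with the application. The following is an added example, not part of the original issue or the project's code: it parses `mvn dependency:tree` output in the format quoted above. `parse_tree`, `shipped` and `introduced_by` are hypothetical helper names, and the sample lines are copied from the tree in the issue.

```python
import re
from collections import namedtuple

# Constructed sample: a subset of lines copied from the tree quoted in the issue.
SAMPLE_TREE = r"""
[INFO] +- org.keycloak:keycloak-spring-boot-starter:jar:19.0.3:compile
[INFO] |  +- org.keycloak:keycloak-authz-client:jar:19.0.3:compile
[INFO] |  \- org.keycloak:keycloak-spring-security-adapter:jar:19.0.3:compile
[INFO] |     +- org.slf4j:slf4j-api:jar:1.7.25:compile
[INFO] |     \- org.bouncycastle:bcprov-jdk15on:jar:1.68:compile
[INFO] +- org.keycloak:keycloak-test-helper:jar:19.0.3:test
[INFO] |  \- org.keycloak:keycloak-services:jar:19.0.3:test
[INFO] |     +- org.bouncycastle:bcpkix-jdk15on:jar:1.68:compile
[INFO] |     \- org.twitter4j:twitter4j-core:jar:4.0.7:test
[INFO] +- org.eclipse:yasson:jar:1.0.8:compile
[INFO] |  \- org.glassfish:jakarta.json:jar:module:1.1.6:compile
[INFO] \- com.fasterxml.jackson.core:jackson-databind:jar:2.9.5:compile
[INFO]    +- com.fasterxml.jackson.core:jackson-annotations:jar:2.9.0:compile
[INFO]    \- com.fasterxml.jackson.core:jackson-core:jar:2.9.6:compile
"""

# "[INFO] ", then zero or more 3-character indent units ("|  " or "   "),
# then the branch connector ("+- " or "\- "), then the coordinates.
LINE_RE = re.compile(r"^\[INFO\] ((?:[| ]  )*)[+\\]- (\S+)$")

# Scopes that end up in the packaged application (test scope does not).
SHIPPED_SCOPES = {"compile", "runtime"}

Dep = namedtuple("Dep", "group artifact version scope depth path")


def parse_tree(text):
    """Return one Dep per tree line, with the chain of ancestors in .path."""
    deps, stack = [], []  # stack[i] is the "group:artifact" at depth i + 1
    for line in text.splitlines():
        m = LINE_RE.match(line.rstrip())
        if not m:
            continue  # root project line, banners, blank lines
        depth = len(m.group(1)) // 3 + 1
        parts = m.group(2).split(":")
        if len(parts) == 5:
            group, artifact, _type, version, scope = parts
        elif len(parts) == 6:  # coordinates that carry a classifier
            group, artifact, _type, _classifier, version, scope = parts
        else:
            continue
        del stack[depth - 1:]  # drop siblings and deeper nodes
        stack.append(f"{group}:{artifact}")
        deps.append(Dep(group, artifact, version, scope, depth, tuple(stack)))
    return deps


def shipped(deps):
    """Dependencies packaged with the application.

    The scope printed on a node is the scope resolved for that artifact, so
    each node is judged by its own scope, not by the scope of its parent.
    """
    return [d for d in deps if d.scope in SHIPPED_SCOPES]


def introduced_by(deps, artifact):
    """(direct dependency, resolved version, scope) for each occurrence."""
    return sorted({(d.path[0], d.version, d.scope)
                   for d in deps if d.artifact == artifact})


if __name__ == "__main__":
    tree = parse_tree(SAMPLE_TREE)
    for d in shipped(tree):
        print(f"{d.group}:{d.artifact}:{d.version} via {' > '.join(d.path[:-1]) or '(direct)'}")
```

The first element of each path is the entry in the project's own `pom.xml` to upgrade, or to attach an exclusion or `dependencyManagement` override to.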

photoz-realm.json cannot be imported into Keycloak 15.0.2

Describe the bug

I cannot import the file [keycloak-quickstarts/app-authz-uma-photoz/photoz-realm.json] into Keycloak 15.0.2.
Can you update the latest realm.json for me?
Thank you!

Version

15.02

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response

Update QuickStarts documentation to Quarkus distribution

Description

The QuickStarts documentation should be updated to target the new Quarkus based distribution. At the same time it would make sense to remove '/auth' from the Keycloak URLs as the Quarkus dist doesn't include this by default.

Discussion

No response

Motivation

No response

Details

No response

Latest openshift-examples/keycloak.yaml of 17.0.0 does not work

Describe the bug

In the past, using the command below from https://www.keycloak.org/getting-started/getting-started-openshift:

$ oc process -f https://raw.githubusercontent.com/keycloak/keycloak-quickstarts/latest/openshift-examples/keycloak.yaml \
    -p KEYCLOAK_USER=admin \
    -p KEYCLOAK_PASSWORD=admin \
    -p NAMESPACE=keycloak \
| oc create -f -
service/keycloak created
route.route.openshift.io/keycloak created
deploymentconfig.apps.openshift.io/keycloak created

the keycloak pod would be Running. But now it is in CrashLoopBackOff:

$ oc get po
NAME                READY   STATUS             RESTARTS      AGE
keycloak-1-6pmv9    0/1     CrashLoopBackOff   5 (24s ago)   3m27s
keycloak-1-deploy   1/1     Running            0             3m31s
$ oc describe po keycloak-1-6pmv9
...
Events:
...
  Normal   Pulled     2m41s (x4 over 3m33s)  kubelet            Container image "quay.io/keycloak/keycloak:17.0.0" already present on machine
...
  Warning  BackOff    2m8s (x13 over 3m31s)  kubelet            Back-off restarting failed container
$ oc logs keycloak-1-6pmv9
Keycloak - Open Source Identity and Access Management

Find more information at: https://www.keycloak.org/docs/latest

Usage:

kc.sh [OPTIONS] [COMMAND]
...
  Please, take a look at the documentation for more details before deploying in
production.

Use "kc.sh start --help" for the available options when starting the server.
Use "kc.sh <command> --help" for more information about other commands.

Looks like quay.io/keycloak/keycloak:17.0.0 does not set additional necessary arguments for kc.sh to start up. It only sets:

      Entrypoint:
      - /opt/keycloak/bin/kc.sh
      Env:
      - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
      - container=oci

Either quay.io/keycloak/keycloak:17.0.0 should be updated with full args for start-up, or openshift-examples/keycloak.yaml needs to be updated with those full args.

Version

17.0.0

Expected behavior

See above, pod should be Running

Actual behavior

See above, pod is CrashLoopBackOff

How to Reproduce?

See above

Anything else?

None

Re-evaluate empty volume mount in OpenShift Quickstart

Description

We currently need to use empty volume mounts to work around the OpenShift security constraints that prevent pods from creating files related to the H2. We should reconsider this and ideally remove this workaround.

Discussion

No response

Motivation

No response

Details

No response

app-profile-jee-vanilla: JSP Profile Application + getting-started.md

Describe the bug

To get the app-profile-jee-vanilla Quick-start to work correctly you must have both the legacy Keycloak adapter and the Elytron adapter installed on Wildfly.

Changes should be made to the Getting Started docs to show what version of Wildfly should be used and also to explain that both adapters are sometimes required.
I was able to get it working with Wildfly 23.0.2. There is currently nothing about the Elytron adapter in the Getting Started Docs and it is severely outdated, recommending use of Wildfly 10 onwards.

This is an issue affecting the app-profile-jee-vanilla Quickstart, but the main changes need to be made to the Getting Started Docs, not the Quickstart itself.

Version

18.0.2 & 19.0.1

Expected behavior

Expected behavior from reading the docs is that only one adapter is required.

Actual behavior

Both the old and the current (Elytron) adapters are required for the application to work correctly.

How to Reproduce?

Follow the steps shown in app-profile-jee-vanilla.
When getting started install both the old and the current Wildfly/Keycloak adapters and follow the Quickstart as explained.

Anything else?

No response

Additional persistence unit and datasource, MariaDB

Describe the bug

I followed this feature: https://github.com/pedroigor/keycloak-quickstarts/tree/issue-10579/user-storage-jpa.

This is my conf/quarkus.properties:

quarkus.datasource."idp".db-kind=mariadb
quarkus.datasource."idp".username=root
quarkus.datasource."idp".password=****
quarkus.datasource."idp".jdbc.url=jdbc:mariadb://db:3306/idp?characterEncoding=UTF-8

This is my META-INF/persistence.xml (in a JAR dropped in the provider directory):

persistence.txt

Version

18.0.0

Expected behavior

session.getProvider(JpaConnectionProvider.class, "idp") should return a working provider, but returns null.

Actual behavior

I have an error when the application starts:

14 20:44:39,807 WARN [org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator] (JPA Startup Thread: idp) HHH000342: Could not obtain connection to query metadata: java.lang.UnsupportedOperationException: The application must supply JDBC connections
at org.hibernate.engine.jdbc.connections.internal.UserSuppliedConnectionProviderImpl.getConnection(UserSuppliedConnectionProviderImpl.java:44)
at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator$ConnectionProviderJdbcConnectionAccess.obtainConnection(JdbcEnvironmentInitiator.java:181)
at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator.initiateService(JdbcEnvironmentInitiator.java:68)
at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator.initiateService(JdbcEnvironmentInitiator.java:35)
at org.hibernate.boot.registry.internal.StandardServiceRegistryImpl.initiateService(StandardServiceRegistryImpl.java:101)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.createService(AbstractServiceRegistryImpl.java:263)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.initializeService(AbstractServiceRegistryImpl.java:237)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.getService(AbstractServiceRegistryImpl.java:214)
at org.hibernate.engine.jdbc.internal.JdbcServicesImpl.configure(JdbcServicesImpl.java:51)
at org.hibernate.boot.registry.internal.StandardServiceRegistryImpl.configureService(StandardServiceRegistryImpl.java:107)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.initializeService(AbstractServiceRegistryImpl.java:246)
at org.hibernate.service.internal.AbstractServiceRegistryImpl.getService(AbstractServiceRegistryImpl.java:214)
at org.hibernate.boot.internal.SessionFactoryOptionsBuilder.<init>(SessionFactoryOptionsBuilder.java:272)
at io.quarkus.hibernate.orm.runtime.recording.PrevalidatedQuarkusMetadata.buildSessionFactoryOptionsBuilder(PrevalidatedQuarkusMetadata.java:68)
at io.quarkus.hibernate.orm.runtime.boot.FastBootEntityManagerFactoryBuilder.build(FastBootEntityManagerFactoryBuilder.java:72)
at io.quarkus.hibernate.orm.runtime.FastBootHibernatePersistenceProvider.createEntityManagerFactory(FastBootHibernatePersistenceProvider.java:71)
at javax.persistence.Persistence.createEntityManagerFactory(Persistence.java:80)
at javax.persistence.Persistence.createEntityManagerFactory(Persistence.java:55)
at io.quarkus.hibernate.orm.runtime.JPAConfig$LazyPersistenceUnit.get(JPAConfig.java:138)
at io.quarkus.hibernate.orm.runtime.JPAConfig$1.run(JPAConfig.java:54)
at java.base/java.lang.Thread.run(Thread.java:829)

How to Reproduce?

No response

Anything else?

No response

Update user-storage-jpa to work with the new distribution

Describe the bug

Currently, it is not possible to run the user-storage-jpa quickstart due to keycloak/keycloak#10579.

We should update the quickstart to make it work with the new distribution while still keeping the module used to run the quickstart in the legacy distribution.

Version

17.0.0

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response

Using "/auth" in the examples while it does not work on keycloak 18

Describe the bug

Remove /auth from source code and documentation since it does not work (out of the box) on keycloak 18

Noticed at least here (I haven't checked other places): KeycloakConfigResolver in app-authz-springboot-multitenancy

where the line

config.setAuthServerUrl("http://localhost:8180/auth");

shall be replaced with

config.setAuthServerUrl("http://localhost:8180");

Dockerfile used to run keycloak:

services:
  keycloak:
    image: quay.io/keycloak/keycloak:18.0.0
    hostname: keycloak
    container_name: keycloak_18.0.0
    ports:
      - 8180:8080
    environment:
      DB_VENDOR: h2
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
      JAVA_OPTS_APPEND: -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
    volumes:
      - ./config:/opt/keycloak/data/import
    entrypoint: ["/opt/keycloak/bin/kc.sh", "start-dev", "--import-realm"]

Version

18

Expected behavior

The example app-authz-springboot-multitenancy should work out of the box without the need to check why an exception is thrown.

Actual behavior

Trying to invoke URLs from app-authz-springboot-multitenancy leads to the exception because Keycloak tries to load config from http://localhost:8180/auth/realms/realm-a/.well-known/openid-configuration while the actual working URL should be http://localhost:8180/realms/realm-a/.well-known/openid-configuration

How to Reproduce?

  • create file docker-compose.yaml at folder app-authz-springboot-multitenancy with the content as follows:
services:
  keycloak:
    image: quay.io/keycloak/keycloak:18.0.0
    hostname: keycloak
    container_name: keycloak_18.0.0
    ports:
      - 8180:8080
    environment:
      DB_VENDOR: h2
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
      JAVA_OPTS_APPEND: -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
    volumes:
      - ./config:/opt/keycloak/data/import
    entrypoint: ["/opt/keycloak/bin/kc.sh", "start-dev", "--import-realm"]
  • docker-compose up
  • run application app-authz-springboot-multitenancy
  • try to open http://localhost:8080/realm-a in browser

Anything else?

all samples and docs shall be reviewed for having /auth in URL

Reduce the number of Maven related warnings in the build

Describe the bug

The following messages appear in the log, and were a distraction when I was fixing other problems with this build. That's why I raise this issue.

Those warnings were present multiple times in the output when building the project:

Warning:  Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent!
Warning:  File encoding has not been set, using platform encoding UTF-8, i.e. build is platform dependent!
Warning:  Rule 0: org.apache.maven.plugins.enforcer.RequireFilesExist failed with message:
Some required files are missing:
/home/runner/work/keycloak-quickstarts/keycloak-quickstarts/app-authz-photoz/photoz-restful-api/src/test/resources/quickstart-realm.json
Warning:  JAR will be empty - no content was marked for inclusion!

Version

999-SNAPSHOT

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response

User not searched in Authorization policy

Describe the bug

In the Authorization Policy, the user is not visible in the dropdown and is not searchable.

Version

keycloak-19.0.3

Expected behavior

To display and search the users in dropdown

Actual behavior

A few users are displayed in the list, and it is not searchable either.

How to Reproduce?

Go to client and click on authorization
Click on policy and create new user policy
Click on user dropdown and search for user

Anything else?

No response

How to use the quickstarts in the new version

Describe the bug

In Keycloak 18, 9990 is not running; when we execute mvn clean wildfly:deploy, we could not deploy the app in Keycloak.
So I want to know how to use keycloak-quickstarts with Keycloak version 18.0.2. Thanks.

Failed to execute goal org.wildfly.plugins:wildfly-maven-plugin:1.2.2.Final:deploy (default-cli) on project keycloak-app-authz-jee-vanilla: Failed to execute goal deploy.: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed: Connection refused -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.

Version

18.0.2

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Anything else?

No response
