-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
8.0.0.GA
-
None
-
False
-
None
-
False
-
-
-
-
-
-
-
After configuring a SAML client, when you try and get the Keycloak SAML JBoss Subsystem CLI, there is a missing parenthesis on the second statement, e.g.
/subsystem=keycloak-saml/secure-deployment=YOUR-WAR.war/:add
/subsystem=keycloak-saml/secure-deployment=YOUR-WAR.war/SP="https://eap-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com:443/saml-app/"/:add(sslPolicy=EXTERNAL,logoutPage="SPECIFY YOUR LOGOUT PAGE!"
/subsystem=keycloak-saml/secure-deployment=YOUR-WAR.war/SP="https://eap-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com:443/saml-app/"/Key=KEY1:add(signing=true, \
PrivateKeyPem="PRIVATE KEY NOT SET UP OR KNOWN", \
CertificatePem="MIID7DCCAtSgAwIBAgIJALyGZxvv6vHpMA0GCSqGSIb3DQEBCwUAMIGbMQswCQYDVQQGEwJJVDEOMAwGA1UECBMFTWlsYW4xCzAJBgNVBAcTAk1CMRcwFQYDVQQKEw5SZWQgSGF0IEVBUCBRRTEYMBYGA1UECxMPRUFQIFNBTUwgQ2xpZW50MTwwOgYDVQQDEzNlYXAtZWFwNy0xOTk5LmFwcHMuYXR1Y2VrLTVoYXcuZWFwcWUucHNpLnJlZGhhdC5jb20wHhcNMjMwNDIwMTIxNjAxWhcNMjQwNDE5MTIxNjAxWjCBmzELMAkGA1UEBhMCSVQxDjAMBgNVBAgTBU1pbGFuMQswCQYDVQQHEwJNQjEXMBUGA1UEChMOUmVkIEhhdCBFQVAgUUUxGDAWBgNVBAsTD0VBUCBTQU1MIENsaWVudDE8MDoGA1UEAxMzZWFwLWVhcDctMTk5OS5hcHBzLmF0dWNlay01aGF3LmVhcHFlLnBzaS5yZWRoYXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdtOSJNYQjLfGgSc7HiuTOLcvudO9hGPTaf2VADH9qc/UD6ReePfyy17gux0Id7ocizn5QooGo2q+2U8lXV6WAmAlJWyrMZwHbkj/4nvWEQGA+oFwrVvQJ6mRzHAqivkGVCAolFGiJI7ptic7c/sqr40OaM59a3AqZjOG8An5tROc6IQd0qWKU/kXlhz9hpcf8HJPsbSXmKEh5nCYJ8YuFgLBvNlMWoPa7w+oHkw+nkoQ8PArZ8ZVaUOXUGF5jL6X1pMLnVRarOEVjyjNSiq+QgdWC7rSH87yr+eezm5j39lLvVpDwwe/mMLs8xfrgyEVUqcf1JlD5mk6ZTPKn1+hwIDAQABozEwLzAdBgNVHQ4EFgQU521rHMXF84kaG0Ef2rBx99cF8LUwDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQBs3AmAXDZlHIHrqvIhHhSqamjcs8vPb6kCLx9oxrBgQ/hGXUzOkhbzr1MNMCt9kulZFlh5fdD9g8CIqqLWmJN2diP+Ec2k8kGcqwocc1UodwvkKTDKO3VsIQWBbHVt/4cutnhje0L1g+sFM3BFdz5OfBQHqkCc5zPyvMfHwFhe1Ku++u1koHYp33HTVl+qNMRF1bznrQ4ZSlM8S5tIMWPdBMRvUUvicHrrZ7qrtTuZ/t5vNY1iJE3F4tsYoM2kIL1D1Sv5mvbYv+FW8PRk7m/XuN7q+ZpEdUQEPplM62b4IH9pUNHQi8jhMUBHNyTrUiW08EtXQnvFmMl+PPTSNkII")
/subsystem=keycloak-saml/secure-deployment=YOUR-WAR.war/SP="https://eap-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com:443/saml-app/"/IDP=idp/:add( \
SingleSignOnService={ \
signRequest=true, \
validateResponseSignature=true, \
validateAssertionSignature=false, \
requestBinding=POST, \
bindingUrl=https://keycloak-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com/auth/realms/saml-basic-auth/protocol/saml}, \
SingleLogoutService={ \
signRequest=true, \
signResponse=true, \
validateRequestSignature=true, \
validateResponseSignature=true, \
requestBinding=POST, \
responseBinding=POST, \
postBindingUrl=https://keycloak-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com/auth/realms/saml-basic-auth/protocol/saml, \
redirectBindingUrl=https://keycloak-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com/auth/realms/saml-basic-auth/protocol/saml} \
)
/subsystem=keycloak-saml/secure-deployment=YOUR-WAR.war/SP="https://eap-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com:443/saml-app/"/IDP=idp/:write-attribute(name=signatureAlgorithm,value=RSA_SHA256)
/subsystem=keycloak-saml/secure-deployment=YOUR-WAR.war/SP="https://eap-eap7-1999.apps.atucek-5haw.eapqe.psi.redhat.com:443/saml-app/"/IDP=idp/:write-attribute(name=signatureCanonicalizationMethod,value=http://www.w3.org/2001/10/xml-exc-c14n#)