Uploaded image for project: 'jBPM'
  1. jBPM
  2. JBPM-9686

Business Central and KeyCloak SSO = Login failed: Not Authorized

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Done
    • 7.51.0.Final
    • None
    • Workbench
    • None
    • False
    • False
    • NEW
    • NEW
    • Undefined

    Description

      Integration of KeyCloakSSO with Business Central ::

      KeyCloak Version 12.0.4 

      Followed the steps in the doucmentation :: https://docs.jboss.org/jbpm/release/7.51.0.Final/jbpm-docs/html_single/#_jbpmreleasenotes

       

      Its keeps sending to "Login Failed UnAuthorized" Page. 

       

      Logs ::: 

       

      [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-6) Token Verification succeeded![org.keycloak.adapters.OAuthRequestAuthenticator] (default task-6) Token Verification succeeded![org.keycloak.adapters.OAuthRequestAuthenticator] (default task-6) successful authenticated[org.keycloak.adapters.RequestAuthenticator] (default task-6) User 'rhpamadmin' invoking 'http://localhost:8080/business-central/kie-wb.jsp?state=21c06a38-92e2-4d09-9efd-d963ce18aea9&session_state=e39ef88b-6c27-466e-ac06-d629d827eb8d&code=bbc6282b-5e11-4290-a7c6-66baa4cfdb5c.e39ef88b-6c27-466e-ac06-d629d827eb8d.3fc15bcf-6a0f-44fb-b17e-d6858f14fee2' on client 'kie'[org.keycloak.adapters.RequestAuthenticator] (default task-6) AUTHENTICATED[org.keycloak.adapters.AuthenticatedActionsHandler] (default task-6) AuthenticatedActionsValve.invoke http://localhost:8080/business-central/kie-wb.jsp?state=21c06a38-92e2-4d09-9efd-d963ce18aea9&session_state=e39ef88b-6c27-466e-ac06-d629d827eb8d&code=bbc6282b-5e11-4290-a7c6-66baa4cfdb5c.e39ef88b-6c27-466e-ac06-d629d827eb8d.3fc15bcf-6a0f-44fb-b17e-d6858f14fee2[org.keycloak.adapters.AuthenticatedActionsHandler] (default task-6) Policy enforcement is disabled.[io.undertow.request.security] (default task-6) Authenticated as rhpamadmin, roles [admin][io.undertow.request] (default I/O-17) Matched prefix path /business-central for path /business-central/kie-wb.jsp[io.undertow.request.security] (default task-6) Security constraints for request /business-central/kie-wb.jsp are [SingleConstraintMatch{emptyRoleSemantic=PERMIT, requiredRoles=[process-admin, manager, admin, analyst, developer, user]}][io.undertow.request.security] (default task-6) Authenticating required for request HttpServerExchange{ GET /business-central/kie-wb.jsp}[io.undertow.request.security] (default task-6) Setting authentication required for exchange HttpServerExchange{ GET /business-central/kie-wb.jsp}[org.keycloak.adapters.elytron.KeycloakHttpServerAuthenticationMechanism] (default task-6) Evaluating request for path [http://localhost:8080/business-central/kie-wb.jsp][org.keycloak.adapters.PreAuthActionsHandler] (default task-6) adminRequest http://localhost:8080/business-central/kie-wb.jsp[org.keycloak.adapters.elytron.ElytronAccount] (default task-6) session is active[org.keycloak.adapters.elytron.ElytronSessionTokenStore] (default task-6) Cached account found[org.keycloak.adapters.RequestAuthenticator] (default task-6) AUTHENTICATED: was cached[org.keycloak.adapters.AuthenticatedActionsHandler] (default task-6) AuthenticatedActionsValve.invoke http://localhost:8080/business-central/kie-wb.jsp[org.keycloak.adapters.AuthenticatedActionsHandler] (default task-6) Policy enforcement is disabled.[io.undertow.request.security] (default task-6) Authenticated as rhpamadmin, roles [admin][org.apache.jasper.servlet] (default task-6) JspEngine --> /not_authorized.jsp[org.apache.jasper.servlet] (default task-6)      ServletPath: /not_authorized.jsp[org.apache.jasper.servlet] (default task-6)         PathInfo: null[org.apache.jasper.servlet] (default task-6)         RealPath: /home/kunal/OpenSource/wildfly-21.0.2.Final/standalone/tmp/vfs/temp/tempd053c7955984dbbd/content-ec27fd260759caa4/not_authorized.jsp[org.apache.jasper.servlet] (default task-6)       RequestURI: /business-central/not_authorized.jsp[org.apache.jasper.servlet] (default task-6)      QueryString: null
       
      

       

      Observation :: Keycloak Adpater authenticates the user , but the Business Central denies access to the Page. 

       

      Login failed: Not Authorized

      Login failed: Not Authorized

      standalone-full.xml

       

      If I disable KeyCloak : This is the logs that printed and successfully logged in 
       
       

      2021-03-28 11:44:15,635 DEBUG [io.undertow.request.security] (default task-3) Authentication outcome was AUTHENTICATED with method io.undertow.servlet.handlers.security.ServletFormAuthenticationMechanism@6152723f for /business-central/j_security_check 2021-03-28 11:44:15,635 DEBUG [io.undertow.request.security] (default task-3) Authentication result was AUTHENTICATED for /business-central/j_security_check 2021-03-28 
      
      11:44:15,637 DEBUG [io.undertow.request] (default I/O-21) Matched prefix path /business-central for path /business-central/kie-wb.jsp 2021-03-28 
      
      11:44:15,637 DEBUG [io.undertow.request.security] (default task-3) Security constraints for request /business-central/kie-wb.jsp are 
      [SingleConstraintMatch{emptyRoleSemantic=PERMIT, requiredRoles=[process-admin, manager, admin, analyst, developer, user]}] 
      
      2021-03-28 11:44:15,637 DEBUG [io.undertow.request.security] (default task-3) Authenticating required for request HttpServerExchange{ GET /business-central/kie-wb.jsp} 
      
      
      2021-03-28 11:44:15,637 DEBUG [io.undertow.request.security] (default task-3) Setting authentication required for exchange HttpServerExchange{ GET /business-central/kie-wb.jsp} 2021-03-28 11:44:15,637 DEBUG [io.undertow.request.security] (default task-3) Attempting to authenticate /business-central/kie-wb.jsp, authentication required: true 2021-03-28 11:44:15,637 DEBUG [io.undertow.request.security] (default task-3) Authenticated as rhpamAdmin, roles [admin] 2021-03-28 11:44:15,637 DEBUG [io.undertow.request.security] (default task-3) Authentication outcome was AUTHENTICATED with method io.undertow.security.impl.CachedAuthenticatedSessionMechanism@2a992413 for /business-central/kie-wb.jsp 2021-03-28 11:44:15,637 DEBUG [io.undertow.request.security] (default task-3) Authentication result was AUTHENTICATED for /business-central/kie-wb.jsp 2021-03-28 11:44:15,649 DEBUG [org.jboss.errai.bus.server.servlet.CSRFTokenFilter] (default task-3) Generated token [26f036f614e2d26a79b605bc862c747808e14c0bda9c7ec1a81c21ec65240e5] for HTTP session with id [YHqXR0dVgppVVapi6cdN5K1TX30M0wBOEGBLd_Tn]. 2021-03-28 11:44:15,650 DEBUG [org.apache.jasper.servlet] (default task-3) JspEngine --> /kie-wb.jsp

       
       

       

       

      Any help is appreciated 

      Attachments

        Activity

          People

            kverlaen@redhat.com Kris Verlaenen
            kunal.kishan.infosys Kunal Kishan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: