Keycloak Unknown authentication mechanism

Odili Charles Opute picture Odili Charles Opute · Dec 2, 2014 · Viewed 8k times · Source

I need help with using keycloak in an Errai app. I am getting an error about "unknown authentication method" for "KEYCLOAK" ? I have the keycloak-appliance running (on a different port though), and the Errai app has a with KEYCLOAK in the web.xml file inside WEB-INF When I run the Errai app with mvn gwt:run, I get : RuntimeException caused by "Unknown authentication mechanism KEYCLOAK". I have no idea how to go around this issue .

Answer

josh-cain picture josh-cain · Dec 21, 2015

Just wanted to add a little more detail to @cfsnyder's answer. In order for your application server to recognize a definition in the web.xml that looks like this:

<login-config>
    <auth-method>KEYCLOAK</auth-method>
    <realm-name>internal</realm-name>
</login-config>

you'll need to tell jboss (in this instance) how to interpret that particular auth method. At the time of my answer, this is in section 8.2 of the Keycloak docs.

First, download the keycloak adapter (remember, this is not the same as the Keycloak Server). Next, unzip the download in the wildfly home directory. With your application server running, just use the following command to install the Keycloak configuration into the appropriate files:

jboss-cli.sh -c --file=adapter-install.cli

When this script completes, your configuration file will have the new entry added to accommodate the KEYCLOAK entry in your web.xml. The script will add something like this to either a domain.xml or standalone.xml:

            <security-domain name="keycloak">
                <authentication>
                    <login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"/>
                </authentication>
            </security-domain>

Once you have the Keycloak module files provided by the adapter + the security domain configuration to link the KEYCLOAK method to the appropriate LoginModule, you should be all set.