KeyCloak Integration with Shiny Error

Babacar_Diouf · June 6, 2017, 8:58pm

I have created a realm on keycloak various user names and passwords and setup groups to get access to different applications to test its integration with ShinyProxy.

I have configured the realm setting via realm name and auth url via:
authentication: keycloak
.............................

keycloak:
      realm: Nvigator
      auth-server-url: http://localhost:8180/auth

I have ran Wildfly, Keycloak, and ShinyProxy.
However go to the link for the my instance ShinyProxy Login via: localhost:8081/login and sign in

The page goes to an error: Status Code: 405 Message.

Shiny Console outputs:
2017-06-06 16:33:01.214 WARN 16483 --- [ XNIO-2 task-12] o.s.web.servlet.PageNotFound : Request method 'POST' not supported

How can I resolve this?

Thanks,
Babacar Diouf

Babacar_Diouf · June 7, 2017, 4:10pm

Resolved by issue, did not configure client properties correctly on KeyCloak Console, and also updated the application.yml via

  keycloak:
      auth-server-url: http://localhost:8180/auth
      realm: nvigator
      public-client: true
      resource: shinyproxy-app
      credentials-secret: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx

Thanks,
babacar

Jan_Kucera · December 8, 2017, 1:53pm

Hi @Babacar_Diouf, I have the same error that youh had. May I ask how did you configure the keycloak server? Do you have the client setup with public or confidential Access Type? What did you use for further configuration of the client (e.g. Valid Redirect URIs)? Should this be http://shiny.proxy.url/login ?
Thanks
Jan

slowkow · January 15, 2018, 9:00pm

I understand these parameters:

auth-server-url
realm

But where do you get the values for the below parameters? Could you please describe them with more details?

public-client
resource
credentials-secret

I don’t see any documentation at all for these parameters, so I don’t know how to set this up on my server.

Thanks for any tips!

fmichielssen · January 16, 2018, 7:58am

Hi @slowkow,

resources are defined in Keycloak as sub-elements of clients, see http://www.keycloak.org/docs/3.0/authorization_services/topics/resource/overview.html#_resource_overview
From Keycloak’s point of view, ShinyProxy is a client application. You can define just one resource to protect the whole application.
credentials-secret is the password for a client, see http://www.keycloak.org/docs/3.0/server_admin/topics/clients/oidc/confidential.html

The public-client property is not known to me and is not used in ShinyProxy.

mpsimimike · January 16, 2018, 7:59am

The naming is a bit different here, same as for roles and groups.
resource
Resource would be the corresponding keycloak client you add under the realm
public-client
Can be set to true, if set accordingly in the Realm>Client>yourclient
credentials-secret
That would be the key generated for open-id connect, if you chose it under Realm>Clients>yourclient>Settings

/edit: too late