devlauer / jenkins-keycloak-plugin Goto Github PK
View Code? Open in Web Editor NEWKeycloak Authentication Plugin
License: MIT License
Keycloak Authentication Plugin
License: MIT License
How to perform authorization on jenkins api when connecting a plugin
We are trying to automate the installation of this plugin, but when we try to instantiate de KeycloakSecurityRealm class (def keycloak_realm = new KeycloakSecurityRealm()) we get an error:
"groovy.lang.GroovyRuntimeException: Could not find matching constructor for: org.jenkinsci.plugins.KeycloakSecurityRealm(java.lang.Boolean)"
It would be really helpful if you could help us understand how to do the following using groovy
Thank you!
I'd love to see support of Keycloak roles, like its supported in the keycloak-connect node module.
Hi, i am trying to use jenkins plugin for keycloak but facing with the following problem. When i try to login from jenkins it correctly redirect me to the keycloak login page but when i insert credentials i get an endless redirect between jenkins and keycloak.
This is what i get from log:
jenkins-new | Jun 12, 2018 2:04:27 PM hudson.security.csrf.CrumbFilter doFilter
jenkins-new | WARNING: No valid crumb was included in request for /auth/realms/demo/protocol/openid-connect/token. Returning 403.
jenkins-new | Jun 12, 2018 2:04:27 PM org.jenkinsci.plugins.KeycloakSecurityRealm doFinishLogin
jenkins-new | SEVERE: Authentication Exception
jenkins-new | org.keycloak.adapters.ServerRequest$HttpFailure
jenkins-new | at org.keycloak.adapters.ServerRequest.error(ServerRequest.java:288)
jenkins-new | at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerRequest.java:115)
jenkins-new | at org.jenkinsci.plugins.KeycloakSecurityRealm.doFinishLogin(KeycloakSecurityRealm.java:226)
jenkins-new | at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
jenkins-new | at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
jenkins-new | at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
jenkins-new | at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
jenkins-new | at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
jenkins-new | at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
jenkins-new | at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
jenkins-new | at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
jenkins-new | at org.kohsuke.stapler.MetaClass$3.doDispatch(MetaClass.java:209)
jenkins-new | at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
jenkins-new | at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
jenkins-new | at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
jenkins-new | at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
jenkins-new | at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
jenkins-new | at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
jenkins-new | at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:841)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1650)
jenkins-new | at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:135)
jenkins-new | at org.jenkinsci.plugins.RefreshFilter.doFilter(RefreshFilter.java:96)
jenkins-new | at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
jenkins-new | at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:138)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
jenkins-new | at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:86)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
jenkins-new | at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
jenkins-new | at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
jenkins-new | at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
jenkins-new | at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
jenkins-new | at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
jenkins-new | at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:92)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
jenkins-new | at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
jenkins-new | at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
jenkins-new | at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
jenkins-new | at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
jenkins-new | at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
jenkins-new | at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
jenkins-new | at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
jenkins-new | at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
jenkins-new | at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
jenkins-new | at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
jenkins-new | at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
jenkins-new | at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190)
jenkins-new | at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
jenkins-new | at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188)
jenkins-new | at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
jenkins-new | at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168)
jenkins-new | at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
jenkins-new | at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
jenkins-new | at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166)
jenkins-new | at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
jenkins-new | at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
jenkins-new | at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
jenkins-new | at org.eclipse.jetty.server.Server.handle(Server.java:564)
jenkins-new | at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:317)
jenkins-new | at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
jenkins-new | at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
jenkins-new | at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110)
jenkins-new | at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
jenkins-new | at org.eclipse.jetty.util.thread.Invocable.invokePreferred(Invocable.java:128)
jenkins-new | at org.eclipse.jetty.util.thread.Invocable$InvocableExecutor.invoke(Invocable.java:222)
jenkins-new | at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:294)
jenkins-new | at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:199)
jenkins-new | at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
jenkins-new | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
jenkins-new | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
jenkins-new | at java.lang.Thread.run(Thread.java:748)
jenkins-new |
jenkins-new | Jun 12, 2018 2:04:27 PM org.jenkinsci.plugins.KeycloakSecurityRealm doFinishLogin
jenkins-new | SEVERE: Failure Message<html>
jenkins-new | <head>
jenkins-new | <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
jenkins-new | <title>Error 403 No valid crumb was included in the request</title>
jenkins-new | </head>
jenkins-new | <body><h2>HTTP ERROR 403</h2>
jenkins-new | <p>Problem accessing /auth/realms/demo/protocol/openid-connect/token. Reason:
jenkins-new | <pre> No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>
jenkins-new |
jenkins-new | </body>
jenkins-new | </html>
jenkins-new |
jenkins-new | Jun 12, 2018 2:04:27 PM org.jenkinsci.plugins.KeycloakSecurityRealm doFinishLogin
jenkins-new | SEVERE: Failure HTTP Status403
This is my docker-compose:
jenkins-new:
image: jenkins/jenkins:2.73.3
container_name: jenkins-new
networks:
app_net:
ipv4_address: 172.20.0.49
#restart: always
ports:
- "8086:8080"
Here my configuration of keycloak client:
Screenshoot of http reqests:
Thanks in advance.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.