AuthenticationFlowException: No privacyIDEA configuration found for kc-realm <realm-name>

Question

AuthenticationFlowException: No privacyIDEA configuration found for kc-realm <realm-name>

gryffus opened this issue a year ago · 1 comments

Hello,

I have set up the keycloak provider with our testing keycloak environment ( Keycloak 21.0.1, privacyIDEA 3.8.1 ).

Provider is configured in trigger challenge mode, with service account.

User has configured PUSH token. He inputs username and password, in next step he gets the push token, approves it and after approval, I can see following exception:

keycloak_4     | 2023-03-25 03:49:04,479 WARN  [org.keycloak.services] (executor-thread-26) KC-SERVICES0013: Failed authentication: org.keycloak.authentication.AuthenticationFlowException: No privacyIDEA configuration found for kc-realm <redacted>
keycloak_4     |        at org.privacyidea.authenticator.PrivacyIDEAAuthenticator.action(PrivacyIDEAAuthenticator.java:302)
keycloak_4     |        at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:154)
keycloak_4     |        at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:985)
keycloak_4     |        at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:323)
keycloak_4     |        at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:294)
keycloak_4     |        at org.keycloak.services.resources.LoginActionsService.authenticateInternal(LoginActionsService.java:286)
keycloak_4     |        at org.keycloak.services.resources.LoginActionsService.access$100(LoginActionsService.java:111)
keycloak_4     |        at org.keycloak.services.resources.LoginActionsService$1.runInternal(LoginActionsService.java:266)
keycloak_4     |        at org.keycloak.common.util.ResponseSessionTask.run(ResponseSessionTask.java:67)
keycloak_4     |        at org.keycloak.common.util.ResponseSessionTask.run(ResponseSessionTask.java:44)
keycloak_4     |        at org.keycloak.models.utils.KeycloakModelUtils.runJobInRetriableTransaction(KeycloakModelUtils.java:299)
keycloak_4     |        at org.keycloak.services.resources.LoginActionsService.authenticate(LoginActionsService.java:259)
keycloak_4     |        at org.keycloak.services.resources.LoginActionsService.authenticateForm(LoginActionsService.java:351)
keycloak_4     |        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
keycloak_4     |        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
keycloak_4     |        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
keycloak_4     |        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
keycloak_4     |        at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
keycloak_4     |        at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
keycloak_4     |        at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
keycloak_4     |        at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
keycloak_4     |        at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
keycloak_4     |        at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
keycloak_4     |        at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
keycloak_4     |        at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
keycloak_4     |        at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192)
keycloak_4     |        at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141)
keycloak_4     |        at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32)
keycloak_4     |        at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
keycloak_4     |        at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
keycloak_4     |        at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
keycloak_4     |        at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
keycloak_4     |        at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
keycloak_4     |        at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
keycloak_4     |        at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
keycloak_4     |        at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
keycloak_4     |        at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
keycloak_4     |        at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
keycloak_4     |        at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak_4     |        at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
keycloak_4     |        at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
keycloak_4     |        at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:84)
keycloak_4     |        at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:71)
keycloak_4     |        at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak_4     |        at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
keycloak_4     |        at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
keycloak_4     |        at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:430)
keycloak_4     |        at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:408)
keycloak_4     |        at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
keycloak_4     |        at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
keycloak_4     |        at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
keycloak_4     |        at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82)
keycloak_4     |        at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576)
keycloak_4     |        at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
keycloak_4     |        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
keycloak_4     |        at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
keycloak_4     |        at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
keycloak_4     |        at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
keycloak_4     |        at java.base/java.lang.Thread.run(Thread.java:833)

Immediately, user gets authentication failed error.

Is this a configuration error or a bug?

Thanks.

Answer 1 · 2023-03-26T21:32:37.000Z

It seems it was some configuration problem or confict with native keycloak otp implementation.

After cleaning everything up and restarting, everything seems fine.

Sorry.