DEVHIDE
Login Or Sign up

How to fix "The required mechanism 'SSO' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory." error?

828 Views Asked by At

Issue Description:

I'm upgrading the base Keycloak image for our customized Keycloak image. I've got it working locally and if i disable the single-sign-on subsystem configurations below, I can get it up and running in our OpenShift cluster.

How do I go about setting up the following CLI commands to get this working? I'm assuming I need to either add a command to add the missing SSO mechanism, or the fix is no longer needed for 16.1.1.

I've also included the stack-trace for the error for reference.

Specs:

  • Keycloak Version: 16.1.1 (FROM jboss/keycloak:16.1.1)

Subsystem configurations I need to comment out, but would like to get working.

/subsystem=undertow/server=default-server/host=default-host/setting=single-sign-on:add()
/subsystem=undertow/server=default-server/host=default-host/setting=single-sign-on:write-attribute(name=http-only,value=true)
/subsystem=undertow/server=default-server/host=default-host/setting=single-sign-on:write-attribute(name=secure,value=true)

Stack Trace

19:34:50,069 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 61) MSC000001: Failed to start service jboss.deployment.unit."keycloak-server.war".undertow-deployment: org.jboss.msc.service.StartException in service jboss.deployment.unit."keycloak-server.war".undertow-deployment: java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'SSO' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory.
    at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:90)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
    at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
    at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
    at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
    at java.base/java.lang.Thread.run(Thread.java:829)
    at [email protected]//org.jboss.threads.JBossThread.run(JBossThread.java:513)
Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'SSO' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory.
    at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:257)
    at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:105)
    at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:87)
    ... 8 more
Caused by: java.lang.IllegalStateException: The required mechanism 'SSO' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory.
    at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.AuthenticationManager.initialSecurityHandler(AuthenticationManager.java:156)
    at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.AuthenticationManager.lambda$configure$2(AuthenticationManager.java:101)
    at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:445)
    at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:122)
    at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:226)
    at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:187)
    at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
    at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
    at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at [email protected]//io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:255)
    ... 10 more

19:34:50,135 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("deployment" => "keycloak-server.war")]) - failure description: {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit.\"keycloak-server.war\".undertow-deployment" => "java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'SSO' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory.
    Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: The required mechanism 'SSO' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory.
    Caused by: java.lang.IllegalStateException: The required mechanism 'SSO' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory."}}
jboss single-sign-on keycloak elytron wildfly-25
Original Q&A
2

There are 2 best solutions below

0
On

Try to specify <single-sign-on/> attribute on a specific application security domain:

/subsystem=undertow/application-security-domain=other/setting=single-sign-on:add(...)
0
On

For us it was to remove the <single-sign-on ...> element which inadvertently was added some time before (but didn't cause a problem in older wildfly versions)

<subsystem xmlns="urn:jboss:domain:undertow: ...">
        <buffer-cache name="default"/>
        <server name="default-server">
            <host name="default-host" alias="localhost">
                <!-- removed the next line -->
                <single-sign-on .../> 
            </host>
        </server>

Related Questions in JBOSS

Related Questions in SINGLE-SIGN-ON

Related Questions in KEYCLOAK

Related Questions in ELYTRON

Related Questions in WILDFLY-25

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.