Unexpected error when handling authentication request to identity provider.

Hey everyone, is anyone else facing login issues with Appen today? I am getting the "We are sorry... Unexpected error when handling authentication request to identity provider." error when I try to. A friend of mine can log in without any problems. There is a scheduled (Jul 24, 2021, 14:00 PDT) system maintenance but I guess it's not the reason. Is there something wrong at my end or is it a general issue?

Update: If you are having the same problem, try changing your password and deleting your browser cache. This solves it.

Keycloak Unexpected error when handling authentication request to identity provider


We have configured Keycloak as Identity Broker to external SAML2 based Identity Provider. For most of the users, we are able to sign in without any issues, but for some, we are facing issues at Keycloak end saying "Unexpected error when handling authentication request to identity provider". As all the users are from the same organization, the SAML assertions are identical, and we can't find any error in logs. Keycloak version in question is 4.3.0.Final. Has anyone faced a similar issue? Please help. TIA


Answer 1

Fix or disable faulty User Federation providers.

We had an improperly configured LDAP provider under User Federation which was also set to be the highest priority provider, so when a user logged in, Keycloak checked LDAP first which always failed and returned Unexpected error when handling authentication request to identity provider.

When the LDAP entry was disabled, Keycloak passed control on to the next provider which was able to authenticate the user successfully.


mRahman

Describe the bug

Scenario leading to the bug/error:

  1. Create an LDAP mapper of type role-type-mapper with the name foo-client-ldap-mapper in the User Federation menu of the Keycloak Admin Console.
  2. Disable the option Use Realm Roles Mapping.
  3. Select the Client ID field to integrate the LDAP mapper (e.g. foo-client).
  4. Save and sync Roles from LDAP to Keycloak.
  5. Go to the Clients menu and rename the Client ID from foo-client to bar-client.
  6. Check the foo-client-ldap-mapper form: the Client ID field is empty because the Client ID was renamed.
  7. When a user logs in (e.g. test with the account or account-console Client ID), it throws the error Unexpected error when handling authentication request to identity provider.

Current solution
Restore the name of the Client ID as before, then it works.

Version

17.0.0 Quarkus Distribution

Expected behavior

The Client ID field in foo-client-ldap-mapper should be aligned with the renamed client, or be saved by the id of the client instead of clientId.

Actual behavior

The Client ID field in foo-client-ldap-mapper still shows renamed Client ID. I assume that the way Keycloak saves the Client ID in foo-client-ldap-mapper is based on clientId, not the id of the client. So, that's why it leads to the error Unexpected error when handling authentication request to identity provider.

How to Reproduce?

Already described in the section Describe the bug

Anything else?

No response
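A check for the condition this report describes, added here as an example and not taken from Keycloak or from the report: it scans a realm's LDAP mapper components for client-role mappers whose stored clientId no longer matches any client. The providerId `role-ldap-mapper`, the config keys `use.realm.roles.mapping` and `client.id`, and the default of realm-role mapping when the key is absent are assumptions about the component JSON; the sample data is constructed.

```python
"""Find LDAP role mappers whose client reference no longer resolves."""

ROLE_MAPPER_PROVIDER = "role-ldap-mapper"  # assumed providerId of the LDAP role mapper


def _first(config, key, default=None):
    # Component config values are lists of strings in the admin JSON.
    values = config.get(key) or []
    return values[0] if values else default


def dangling_role_mappers(components, clients):
    """Return (mapper name, missing clientId) for every client-role mapper
    that points at a clientId absent from the realm's client list."""
    known = {c["clientId"] for c in clients}
    findings = []
    for comp in components:
        if comp.get("providerId") != ROLE_MAPPER_PROVIDER:
            continue
        cfg = comp.get("config", {})
        # Realm-role mappers do not reference a client at all (assumed key name
        # and assumed default of "true" when the key is missing).
        if _first(cfg, "use.realm.roles.mapping", "true").lower() == "true":
            continue
        client_id = _first(cfg, "client.id", "")  # assumed key name
        if client_id not in known:
            findings.append((comp.get("name"), client_id))
    return findings


# Constructed sample data mirroring the scenario: foo-client renamed to bar-client.
SAMPLE_CLIENTS = [{"id": "c1", "clientId": "bar-client"},
                  {"id": "c2", "clientId": "account"}]
SAMPLE_COMPONENTS = [
    {"name": "foo-client-ldap-mapper", "providerId": ROLE_MAPPER_PROVIDER,
     "config": {"use.realm.roles.mapping": ["false"], "client.id": ["foo-client"]}},
    {"name": "realm-roles", "providerId": ROLE_MAPPER_PROVIDER,
     "config": {"use.realm.roles.mapping": ["true"]}},
    {"name": "email", "providerId": "user-attribute-ldap-mapper",
     "config": {"ldap.attribute": ["mail"]}},
]

if __name__ == "__main__":
    for name, missing in dangling_role_mappers(SAMPLE_COMPONENTS, SAMPLE_CLIENTS):
        print(f"{name}: clientId {missing!r} not found in realm")
```

Running it before and after a client rename shows whether any mapper was left pointing at the old clientId.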

Kyle Swensson kyle.swensson at tasktop.com
Mon Jun 19 16:25:12 EDT 2017

Hi Marek,

Fortunately, installing the master keycloak build did actually solve the
problem, so thank you for that suggestion! When we log into the master
realm admin console while logged into the user application, and then
refresh the page on the user application, we get a page saying "Unexpected
error when handling authentication request to identity provider", which is
what we want to happen. Unfortunately, there is now a new problem, because
once we get to this error page we continue to get this error page no matter
what when attempting to access the user application until we delete all of
our cookies, even closing the browser window doesn't help. When this
happens it will also sometimes attempt to kick us out of the keycloak
master realm admin console, but it doesn't do it consistently. I have
attached a picture of the error page I am seeing. Do you know if there is
any way that we could make this error page stop showing up once the user
who logged into the keycloak master realm admin console logs out?

Thanks,
Kyle

On Fri, Jun 16, 2017 at 1:58 AM, Marek Posolda <mposolda at redhat.com> wrote:

> On 15/06/17 19:29, Kyle Swensson wrote:
>
> Hi,
>
> We have set up a user client on a separate realm that is not master that
> all users for that realm can access, which is where we have our user
> application and we have also set up an additional client for a user
> administration console on that (non-master) realm. However, the problem
> occurs when we log into the user client on the non-master realm at the same
> time as we log into the default admin console on the master realm, so our
> problem involves 2 separate realms.
>
> The latest Keycloak master is Keycloak 3.10.Final right? I have tried
> upgrading to that, and the issue was still occurring.
>
> Latest Keycloak master is here: https://github.com/keycloak/keycloak
>
> You would need to checkout it, build manually SNAPSHOT and then test. Some
> notes are here:
> https://github.com/keycloak/keycloak/blob/master/misc/HackingOnKeycloak.md
>
> There are some changes in latest master, which might be related, but TBH I
> didn't ever see the behaviour you described, so hard to predict if it helps
> or not.
>
> Marek
>
>
> Thanks,
> Kyle
>
> On Thu, Jun 15, 2017 at 12:10 AM, Marek Posolda <mposolda at redhat.com>
> wrote:
>
>> Hi,
>>
>> I guess you're using same realm 'master' for both your application and
>> admin console. Can you try to use different realm for your application and
>> see if it helps? Also can you try to upgrade to latest Keycloak master and
>> see if it helps?
>>
>> Marek
>>
>>
>> On 14/06/17 01:56, Kyle Swensson wrote:
>>
>>> Hello,
>>>
>>>
>>> (I have asked this question before to no avail, but the wording was poor
>>> so
>>> I want to rephrase it in hopes of getting more help)
>>>
>>> I am having an issue with conflicting logins from a user application and
>>> the keycloak admin console
>>>
>>> The issue arises when I authenticate on my user application as a basic
>>> user, using Tomcat. Then, I navigate to the Keycloak Admin Console login
>>> page on a different window. Despite being logged in as a basic user on my
>>> user application, I am still shown the empty login page for the keycloak
>>> admin console. After navigating to the Keycloak admin console login page,
>>> my session on my user application becomes broken, and I'm not sure why.
>>> At
>>> this point if I refresh the page containing my application I will find a
>>> 403 error in my console, however I can still access everything in my user
>>> application normally. Additionally, for some reason I can no longer log
>>> out
>>> from my session like I normally would (by hitting the authorization
>>> endpoint), when I try to log out nothing happens. The only way that I can
>>> get it out of this permanently logged in state is by going to "account"
>>> and
>>> manually ending all of the sessions for my user. It may be worth noting
>>> that I can also still log in to the admin console with a different user,
>>> and use the admin console as normal while this is happening. If I log
>>> onto
>>> the admin console while this is happening and look at all of the active
>>> sessions, I can see that there is indeed still an active session for the
>>> basic user using the user application. I assume that is the root of the
>>> problem, but I'm not sure what's causing this to happen.
>>>
>>> Setting the "Revoke Refresh Token" option in the keycloak admin console
>>> to
>>> ON does prevent this from happening, however it also makes the rest of my
>>> application become very buggy and slow so leaving that on isn't really a
>>> viable option.
>>>
>>> I'm wondering if this might be an actual bug with Keycloak, or if this is
>>> just being caused by some configuration error on my side. I am currently
>>> using Keycloak 2.3 for my application, but I have tried temporarily
>>> upgrading to Keycloak 3.1 and that didn't help the issue.