After upgrade 23.0.4 we facing this.400 bad request issue.
We secured web application using Keycloak Tomcat Adapter.
app1 application is deployed to Tomcat.
Application external load balancer https://hostname1.com/
Keycloak Load balancer https://keycloakname1.com/
issue persist when VPN not connected. if VPN Connected then application working fine.
Example- when we hit below urls in browser and after successful login getting 400 response code
https://hostname1/app1/main.js getting "400 Bad Request "response code.
https://hostname1/app1/mainjs getting 404 response code. this is valid response code
https://hostname1/app1/main getting 404 response code which is valid code and url not contain .js
https://hostname1/app1/templates/About.html getting 200 response code.
how we can debug it and what is causing for .js in URl after upgrade from 19.0.3 to 23.0.4.
can some one look into it.
thanks in advance.
Neither of your urls are Keycloak related, it’s your application.
If the code behind theses urls are communicating somehow with Keycloak, we can’t give you any advice, because you provide us completely none details. We can’t guess and we aren’t visionaries.
app1 is deployed application in Tomcat container.
From app1 we are loading .js file in browser which is https://hostname1/app1/main.js
and we are getting 400 response code.
here is the steps.
-
put URl https://hostname1/app1/main.js in browser and hit enter.
-
keycloak will redirect to Login Screen
-
put user name password and login successful.
-
now requested url maim.js should load in browser after successful login but got 400 bad request.
this is happen only for any .js file while authentication
https://hostname1/app1/main.js?state=14b86ee0-881a-4e86-a84b-51591039497f&session_state=49588bcb-3686-4767-8c22-ebf719b4eafe&code=26a15c63-194f-443d-832c-bfc94e914596.49588bcb-3686-4767-8c22-ebf719b4eafe.d8d75e27-1ba7-414e-9e36-e75c64253437
Hope this will help you.
You just provided the same information just in another way. Sorry, I can‘t help.
this is information i have and no log error either keyclock server and application server.
That is reason I am struggling.
Where i can get more info.
Please specify what you need from me.
Keycloak 23.0.4 Not authorize .js conations URL with request payload
Request URL:
https://hostname1/app1/main.js?v=7.1.2&state=1e335e75-5d3f-45be-b036-c43872840d80&session_state=8d9b329c-521d-4f36-8e89-2025cf4886e0&iss=https%3A%2F%2Fsso-keycloak-hostname%2Fauth%2Frealms%2Fabc-uat&code=1c0e8d94-6ab1-4133-b49b-28a84f439910.8d9b329c-521d-4f36-8e48-9670cf4886e0.d8d75e27-1ba7-414e-9e36-e75c64253437
1. v:7.1.2
2. state:1e335e75-5d3f-45be-b036-c43872840d80
3. session_state:8d9b329c-521d-4f36-8e48-9670cf48
4. iss:https://sso-keycloak-hostname/auth/realms/abc-uat
5. code:1c0e8d94-6ab1-4133-b49b-28a84f439910.8d9b329c-521d-4f36-8e56-20253cf4886e0.d8d75e27-1ba7-414e-9e36-e75c64253437
Is this issue related to keycloak or Load balancer or some thing missing
this happens only .js contains in url
