Hi,
I’ve installed Keycloak 19.0.2 using keycloakx from codecentric and it started perfectly.
I’ve logged in and configured my new realm with users (OTP as default), groups, roles and clients.
Then, I’ve logged out due to timeout.
Next, I’ve tried to login again to the admin console but I keep getting "invalid username or password’. I’ve tried chrome, edge and firefox as well as vivaldi after clearing caches or in private window and I have the same behavior.
On the log side, I have:
Appending additional Java properties to JAVA_OPTS: -XX:+UseContainerSupport -XX:MaxRAMPercentage=50.0 -Djava.awt.headless=true -Dkubeping_namespace=tools -Dkubeping_label="keycloak-cluster=default" -Djgroups.dns.query=keycloakx-headless
Changes detected in configuration. Updating the server image.
Updating the configuration and installing your custom providers, if any. Please wait.
2022-09-28 22:03:01,944 INFO [io.quarkus.deployment.QuarkusAugmentor] (main) Quarkus augmentation completed in 7806ms
Server configuration updated and persisted. Run the following command to review the configuration:
kc.sh show-config
Next time you run the server, just run:
kc.sh start --optimized --http-enabled=true --http-port=8080 --hostname-strict=false --hostname-strict-https=false --hostname-strict-backchannel=false --spi-events-listener-jboss-logging-success-level=info --spi-events-listener-jboss-logging-error-level=warn --spi-sticky-session-encoder-infinispan-should-attach-route=false
WARNING: The '--auto-build' option for 'start' command is DEPRECATED and no longer needed. When executing the 'start' command, a new server image is automatically built based on the configuration. If you want to disable this behavior and achieve an optimal startup time, use the '--optimized' option instead.
2022-09-28 22:03:03,511 INFO [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: Base URL: <unset>, Hostname: <request>, Strict HTTPS: false, Path: <request>, Strict BackChannel: false, Admin URL: <unset>, Admin: <request>, Port: -1, Proxied: true
2022-09-28 22:03:04,640 INFO [org.keycloak.common.crypto.CryptoIntegration] (main) Detected crypto provider: org.keycloak.crypto.def.DefaultCryptoProvider
2022-09-28 22:03:06,054 WARN [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
2022-09-28 22:03:06,064 WARN [org.infinispan.PERSISTENCE] (keycloak-cache-init) ISPN000554: jboss-marshalling is deprecated and planned for removal
2022-09-28 22:03:06,089 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller'
2022-09-28 22:03:06,336 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000128: Infinispan version: Infinispan 'Triskaidekaphobia' 13.0.9.Final
2022-09-28 22:03:06,440 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000078: Starting JGroups channel `ISPN` with stack `tcp-k8s`
2022-09-28 22:03:08,562 INFO [org.jgroups.protocols.pbcast.GMS] (keycloak-cache-init) keycloakx-0-15071: no members discovered after 2002 ms: creating cluster as coordinator
2022-09-28 22:03:08,571 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000094: Received new cluster view for channel ISPN: [keycloakx-0-15071|0] (1) [keycloakx-0-15071]
2022-09-28 22:03:08,575 INFO [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000079: Channel `ISPN` local address is `keycloakx-0-15071`, physical addresses are `[10.70.0.169:7800]`
2022-09-28 22:03:09,057 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (main) Node name: keycloakx-0-15071, Site name: null
2022-09-28 22:03:09,777 INFO [io.quarkus] (main) Keycloak 19.0.2 on JVM (powered by Quarkus 2.7.6.Final) started in 7.716s. Listening on: http://0.0.0.0:8080
2022-09-28 22:03:09,778 INFO [io.quarkus] (main) Profile prod activated.
2022-09-28 22:03:09,778 INFO [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, jdbc-h2, jdbc-mariadb, jdbc-mssql, jdbc-mysql, jdbc-oracle, jdbc-postgresql, keycloak, logging-gelf, narayana-jta, reactive-routes, resteasy, resteasy-jackson, smallrye-context-propagation, smallrye-health, smallrye-metrics, vault, vertx]
2022-09-28 22:03:09,805 ERROR [org.keycloak.services] (main) KC-SERVICES0010: Failed to add user 'admin' to realm 'master': user with username exists
2022-09-28 22:04:23,782 WARN [org.keycloak.events] (executor-thread-2) type=LOGIN_ERROR, realmId=7946a272-1ffb-4dc3-8e58-f50086aed68f, clientId=security-admin-console, userId=null, ipAddress=172.16.3.5, error=user_not_found, auth_method=openid-connect, auth_type=code, redirect_uri=http://keycloak.local/auth/admin/master/console/#/, code_id=95c9322f-ea0f-4715-a9c5-bea228103d8f, username=admin, authSessionParentId=95c9322f-ea0f-4715-a9c5-bea228103d8f, authSessionTabId=-Xcxerv-DQE
2022-09-28 22:07:24,914 WARN [org.keycloak.events] (executor-thread-4) type=LOGIN_ERROR, realmId=7946a272-1ffb-4dc3-8e58-f50086aed68f, clientId=security-admin-console, userId=null, ipAddress=172.16.3.5, error=user_not_found, auth_method=openid-connect, auth_type=code, redirect_uri=http://keycloak.local/auth/admin/master/console/, code_id=9b611118-b1e1-4e26-992c-9e3c6a97a460, username=admin, authSessionParentId=9b611118-b1e1-4e26-992c-9e3c6a97a460, authSessionTabId=35aO4AItUIA
The environment variable KEYCLOAK_ADMIN
and KEYCLOAK_ADMIN_PASSWORD
are correctly set. I’ve also duplicated them using KC_
prefix instead of KEYCLOAK_
and I have the same result.
What have I missed please ?
Thank you