Can't login to Keycloak

aragon · June 5, 2020, 6:33am

Hi folks,

I’ve installed Keycloak using a docker-compose file.

version: '3'

volumes:
  postgres_data:
      driver: local

services:
  postgres:
      image: postgres
      volumes:
        - postgres_data:/var/lib/postgresql/data
      environment:
       -  POSTGRES_DB=keycloak
       -  POSTGRES_USER=keycloak
       -  POSTGRES_PASSWORD=password
  keycloak:
      image: quay.io/keycloak/keycloak:latest
      environment:
        - DB_VENDOR=POSTGRES
        - DB_ADDR=postgres
        - DB_DATABASE=keycloak
        - DB_USER=keycloak
        - DB_SCHEMA=public
        - DB_PASSWORD=password
        - KEYCLOAK_USER=admin
        - KEYCLOAK_PASSWORD=admin
        - PROXY_ADDRESS_FORWARDING=false
        #JDBC_PARAMS: "ssl=true"
      ports:
        - 8080:8080
      depends_on:
        - postgres

I got the Keycloak running. But when I login, I got an error saying “Invalid username or password.”
I’ve used the credentials admin / admin for login.

If I remove volumes in postgres and do a docker-compose up it works fine. I don’t understand why it is not working if I use volumes. I do have the directories for the volume postgres_data in my server .
Can someone help me? Any help would be much appreciated.

Akash · June 5, 2020, 7:08am

Can you share the logs

aragon · June 5, 2020, 7:34am

Following is the logs I’m getting

WARN [org.keycloak.events] (default task-2) type=LOGIN_ERROR, realmId=master, clientId=security-admin-console, userId=0d8e6181-4a64-4d7f-8076-eb99dc2632ef, ipAddress=172.18.0.1, error=invalid_user_credentials, auth_method=openid-connect, auth_type=code, redirect_uri=http://server/auth/admin/master/console/, code_id=c2ba5c26-cec7-4707-aae7-3c60b4729756, username=admin, authSessionParentId=c2ba5c26-cec7-4707-aae7-3c60b4729756, authSessionTabId=wxNUSryJJ24

zonaut · June 5, 2020, 8:03am

Try to set another password other than ‘admin’, this will resolve your problem.
Seems like a bug or something else.

aragon · June 5, 2020, 8:39am

I changed the password. It didn’t work. Still get getting the same error.

zonaut · June 5, 2020, 8:43am

I’ve tried it on my system, when I set the KEYCLOAK_PASSWORD to admin I can’t also login, when I change it to password I can login. My docker-compose file can be found under https://github.com/zonaut/keycloak-extensions
My guess is that the username and password can’t be the same value, which from a security perspective makes sense but they should throw an error on startup

aragon · June 5, 2020, 9:40am

Thanks for the Answer.

joaoepj · November 22, 2022, 1:58pm

Just to register, on keycloak 20.0.1 one should set KEYCLOAK_ADMIN_PASSWORD instead of KEYCLOAK_PASSWORD. I haven’t checked earlier versions, but be warned. Starting docker keycloak using KEYCLOAK_PASSWORD makes it unable to login at Keycloak Admin Console and leads to errors like user_not_found and/or invalid_user_credentials.

tmthn · December 6, 2022, 11:47am

Worth to note that if you set an email address for the admin user, the username admin no longer will work to log in.