Hello,
I am trying to authenticate in Casdoor through the Keycloak provider. I followed the steps detailed here:
Casdoor : v1.765.0
Keycloak : v21
Below is my Keycloak SAML client configuration (IP addresses, the signing certificate and the signing private key are masked):
{
"clientId": "http://10.X.X.X:8000/api/acs",
"name": "Casdoor",
"description": "For Casdoor - Keycloak authentication",
"rootUrl": "",
"adminUrl": "http://10.X.X.X:8000/api/acs",
"baseUrl": "",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"http://10.X.X.X:8000/api/acs"
],
"webOrigins": [
"http://10.X.X.X:8000"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": true,
"protocol": "saml",
"attributes": {
"saml.assertion.signature": "false",
"saml_assertion_consumer_url_redirect": "http://10.X.X.X:8000/api/acs",
"saml.force.post.binding": "false",
"saml.encrypt": "false",
"saml_assertion_consumer_url_post": "http://10.X.X.X:8000/api/acs",
"saml.server.signature": "true",
"saml.server.signature.keyinfo.ext": "false",
"saml.signing.certificate": "MIIC0TCCAbkCBgGUP8H3KjANByMjo4Mxxxxxxxxxxxxxxxx",
"saml.artifact.binding.identifier": "2ZG/EJQNM=xxxxxxxxxxxxxx",
"saml.artifact.binding": "false",
"saml.signature.algorithm": "RSA_SHA256",
"saml_force_name_id_format": "false",
"saml.force.name.id.format": "false",
"saml.client.signature": "false",
"saml.authnstatement": "true",
"display.on.consent.screen": "false",
"saml_name_id_format": "username",
"saml.signing.private.key": "MIIEowIBAAKCAQEAwMZX5gbMuvxxxxxxxxxxxxxxxxxxxx",
"saml.allow.ecp.flow": "false",
"saml.onetimeuse.condition": "false",
"saml.server.signature.keyinfo.xmlSigKeyInfoKeyNameTransformer": "NONE",
"saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"role_list"
],
"optionalClientScopes": [],
"access": {
"view": true,
"configure": true,
"manage": true
}
}
When I click the Keycloak icon on the Casdoor login page, I see the error below:
The Keycloak log shows the following event:
2025-01-07 09:51:24,862 WARN [org.keycloak.events] (executor-thread-100700) type=LOGIN_ERROR, realmId=b4b9-f12bc26f8fdb, clientId=null, userId=null, ipAddress=10.X.X.X, error=client_not_found, reason=Cannot_match_source_hash
Login using Casdoor alone (without the Keycloak provider) is working.
Any idea on what could be wrong here?
Regards,
Amith