Hi,
I have a Java EE application I run via Wildfly 25 and deploy as a *.ear file (containing a *.ejb and a *.war file). My application authenticates to an external, third-party system to access REST service. This external system has recently implemented Keycloak for SSO authentication. The third-party has provided an SDK with examples for authentication and access via their own class library along with a set of Keycloak 12.0.2 *.jar files and dependencies. The example code uses the Keycloak admin client (org.keycloak.admin.client.Keycloak) as follows:
...
keycloak = Keycloak.getInstance(
getKeycloakAuthServerUrl(),
getKeycloakRealm(),
username,
password,
getKeycloakResource(),
null, //this is the secret. If we decide to use the secret to authenticate, put it here
sslContext,
null, //CustomJacksonProvider
true,
null //authToken...we don't have one yet, so it's null
);
...
When I build a quick test with the SDK and compile and run it as a standalone Java project, the code runs as expected and I get a successful connection attempt. When I transplant this same code into my JEE app (where it is deployed within a Stateless Session EJB), I observe the following exception:
19:11:47,419 SEVERE [ConvServiceFactory] (EJB default - 1) Failure in Keycloak Direct auth: java.lang.IllegalArgumentException: org.jboss.resteasy.client.jaxrs.internal.proxy.ResteasyClientProxy referenced from a method is not visible from class loader
at java.base/java.lang.reflect.Proxy$ProxyBuilder.ensureVisible(Proxy.java:858)
at java.base/java.lang.reflect.Proxy$ProxyBuilder.validateProxyInterfaces(Proxy.java:681)
at java.base/java.lang.reflect.Proxy$ProxyBuilder.<init>(Proxy.java:627)
at java.base/java.lang.reflect.Proxy.lambda$getProxyConstructor$1(Proxy.java:426)
at java.base/jdk.internal.loader.AbstractClassLoaderValue$Memoizer.get(AbstractClassLoaderValue.java:329)
at java.base/jdk.internal.loader.AbstractClassLoaderValue.computeIfAbsent(AbstractClassLoaderValue.java:205)
at java.base/java.lang.reflect.Proxy.getProxyConstructor(Proxy.java:424)
at java.base/java.lang.reflect.Proxy.newProxyInstance(Proxy.java:1006)
at com.c60ext//org.jboss.resteasy.client.jaxrs.ProxyBuilder.proxy(ProxyBuilder.java:99)
at com.c60ext//org.jboss.resteasy.client.jaxrs.ProxyBuilder.build(ProxyBuilder.java:166)
at com.c60ext//org.jboss.resteasy.client.jaxrs.internal.ClientWebTarget.proxy(ClientWebTarget.java:93)
at com.c60ext//org.keycloak.admin.client.token.TokenManager.<init>(TokenManager.java:56)
at com.c60ext//org.keycloak.admin.client.Keycloak.<init>(Keycloak.java:55)
Because the standalone Java project works as expected, this error makes me think that the Keycloak class org.keycloak.admin.client.Keycloak and/or Keycloak version 12.0.2 may not be intended for use from within a Wildfly runtime environment.
Any input or direction anyone might provide would be appreciated.
Thanks!
-Andy