当我尝试使用 xwiki 中的 keycloak 进行身份验证时,出现内部服务器错误。通常,我应该能够通过 Keycloak 进行身份验证,然后能够使用 Xwiki。它显示“内部服务器错误”。
HTTP Status 500 – Internal Server Error
Type Exception Report
Message Failed to handle Resource Reference [path = authenticator/callback, endpoint = authenticator, pathSegments = [callback]]
Beschreibung The server encountered an unexpected condition that prevented it from fulfilling the request.
Exception
javax.servlet.ServletException: Failed to handle Resource Reference [path = authenticator/callback, endpoint = authenticator, pathSegments = [callback]]
org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.handleResourceReference(ResourceReferenceHandlerServlet.java:161)
org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.service(ResourceReferenceHandlerServlet.java:87)
javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:145)
org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
Root Cause
org.xwiki.resource.ResourceReferenceHandlerException: Failed to handle http servlet request
org.xwiki.contrib.oidc.provider.internal.OIDCResourceReferenceHandler.handle(OIDCResourceReferenceHandler.java:110)
org.xwiki.resource.internal.DefaultResourceReferenceHandlerChain.handleNext(DefaultResourceReferenceHandlerChain.java:79)
org.xwiki.resource.internal.AbstractResourceReferenceHandlerManager.handle(AbstractResourceReferenceHandlerManager.java:82)
org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.handleResourceReference(ResourceReferenceHandlerServlet.java:159)
org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.service(ResourceReferenceHandlerServlet.java:87)
javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:145)
org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
Root Cause
org.xwiki.contrib.oidc.provider.internal.OIDCException: Failed to get access token:null
org.xwiki.contrib.oidc.auth.internal.endpoint.CallbackOIDCEndpoint.handle(CallbackOIDCEndpoint.java:183)
org.xwiki.contrib.oidc.provider.internal.OIDCResourceReferenceHandler.handle(OIDCResourceReferenceHandler.java:134)
org.xwiki.contrib.oidc.provider.internal.OIDCResourceReferenceHandler.handle(OIDCResourceReferenceHandler.java:108)
org.xwiki.resource.internal.DefaultResourceReferenceHandlerChain.handleNext(DefaultResourceReferenceHandlerChain.java:79)
org.xwiki.resource.internal.AbstractResourceReferenceHandlerManager.handle(AbstractResourceReferenceHandlerManager.java:82)
org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.handleResourceReference(ResourceReferenceHandlerServlet.java:159)
org.xwiki.resource.servlet.ResourceReferenceHandlerServlet.service(ResourceReferenceHandlerServlet.java:87)
javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:145)
org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
Hinweis Der komplette Stacktrace der Ursache ist in den Server logs zu finden
这是我的配置:
xwiki.属性:
oidc.endpoint.authorization=http://localhost:8080/realms/myrealm/protocol/openid-connect/auth
oidc.endpoint.token=http://localhost:8080/realms/myrealm/protocol/openid-connect/token
oidc.endpoint.userinfo=http://localhost:8080/realms/myrealm/protocol/openid-connect/userinfo
oidc.scope=openid,profile,email,address
oidc.endpoint.userinfo.method=GET
oidc.user.nameFormater=${oidc.user.preferredUsername._clean._lowerCase}
oidc.user.subjectFormater=${oidc.user.subject}
# oidc.groups.claim=xwiki_groups
# oidc.groups.mapping=MyXWikiGroup=my-oidc-group
# oidc.groups.mapping=MyXWikiGroup2=my-oidc-group2
# oidc.groups.mapping=MyXWikiGroup2=my-oidc-group3
# oidc.groups.allowed=
# oidc.groups.forbidden=
oidc.userinfoclaims=xwiki_user_accessibility,xwiki_user_company,xwiki_user_displayHiddenDocuments,xwiki_user_editor,xwiki_user_usertype
# oidc.userinforefreshrate=600000
oidc.clientid=xwiki-client
oidc.secret=*****************
oidc.endpoint.token.auth_method=client_secret_basic
oidc.skipped=false
在xwiki.cfg中我刚刚修改了这两行:
xwiki.home=http://localhost:8280/xwiki.authentication.authclass=org.xwiki.contrib.oidc.auth.OIDCAuthServiceImpl我在这里立即发现了两件事。我知道作者很草率地没有将其添加到文档中,但 OIDC 的标准表明您应该在网址末尾添加尾随 / 。其次,在 oidc 配置中的 xwiki.properties 中,添加行“oidc.idtokenclaims=id_token”,它应该被修复。错误是由于未正确读取令牌。斜杠和这一行都应该解决这个问题。