IllegalStateException when using WildFly adapter with WildFly 26

Securing applications
1

Setup

  • Wildfly 26.0.1.Final
  • Keycloak 16.1.1

I followed the instructions from the documentation for installing the WildFly adapter and used the following adapter:

https://github.com/keycloak/keycloak/releases/download/16.1.1/keycloak-oidc-wildfly-adapter-16.1.1.zip

Installation command
./bin/jboss-cli.sh --file=bin/adapter-elytron-install-offline.cli -Dserver.config=standalone-full.xml

web.xml

<web-app xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
         version="3.0">

    <!-- Security configuration -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>admin-api</web-resource-name>
            <url-pattern>/administration/*</url-pattern>
            <url-pattern>/operations/*</url-pattern>
            <url-pattern>/applications/*</url-pattern>
            <url-pattern>/entities/*</url-pattern>
        </web-resource-collection>
    </security-constraint>

    <login-config>
        <auth-method>KEYCLOAK</auth-method>
        <realm-name>this is ignored currently</realm-name>
    </login-config>

    <security-role>
        <role-name>*</role-name>
    </security-role>
</web-app>

I can also see the Keycloak subsystem in the standalone-full.xml but when starting the application I get the following message:

java.lang.IllegalStateException: The required mechanism 'KEYCLOAK' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory

I’m aware that the adapter is deprecated but according to this issue, it’s still possible to use.

2

are you fix it?if you deal with it, please help us , thank you very much

3

In my case it was a simple mistake - I configured SAML only for standalone-full.xml, but ran the server with the normal standalone.xml configuration.

This works well for me:

wget https://github.com/wildfly/wildfly/releases/download/26.1.3.Final/wildfly-26.1.3.Final.zip
wget https://github.com/keycloak/keycloak/releases/download/21.1.2/keycloak-saml-wildfly-adapter-21.1.2.zip
unzip wildfly-26.1.3.Final.zip
cd wildfly-26.1.3.Final/
unzip ../keycloak-saml-wildfly-adapter-21.1.2.zip
./bin/jboss-cli.sh --file=bin/adapter-elytron-install-saml-offline.cli
cp ../example-service-using-saml-auth-1.0.1.war standalone/deployments/
./bin/standalone.sh

See this GitHub discussion: "The required mechanism 'KEYCLOAK' is not available in mechanisms [BASIC, CLIENT_CERT, DIGEST, FORM] from the HttpAuthenticationFactory" error when using the KeyCloak SAML WildFly adapter v21 with WildFly v26 · keycloak/keycloak · Discussion #31220 · GitHub