Re: [Resteasy-users] Resteasy OAuth 2.0 Skeleton Key Example launchs javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
BTW, take a look at keycloak.org Its the new project I started for security. On 5/13/2014 5:08 PM, Bill Burke wrote: > You have to provide a truststore or disable the trust manager. > > On 5/13/2014 4:26 PM, JOSÉ INÁCIO DA SILVA JÚNIOR wrote: >> Hi! >> >> I'm trying to implement SSO through Resteasy Skeleton Key. >> I'm following the Chapter 39. OAuth 2.0 and Resteasy Skeleton Key of >> Resteasy Reference Guide. >> >> I generated my keystore with: >> >> keytool -genkey -alias mydomain -keyalg rsa -keystore realmDINF.jks >> >> then I exported my certificate with: >> >> keytool -exportcert -alias mydomain -keystore >> /opt/jboss-7.1.1.Final/standalone/configuration/realmDINF.jks -file >> /opt/jboss-7.1.1.Final/standalone/configuration/mydomain.cer >> >> then I imported my certificate into cacerts: >> >> keytool -import -alias mydomain -keystore cacerts -trustcacerts -file >> /opt/jboss-7.1.1.Final/standalone/configuration/mydomain.cer >> >> >> The auth-server application e the customer-app applicaton were deployed >> >> When I access the customer-app application in my browser: >> >> https://localhost:8443/customer-app >> >> I see the login page and when I enter user and password I get the following >> exception: >> >> 17:09:35,499 ERROR [org.apache.catalina.connector.CoyoteAdapter] >> (http--127.0.0.1-8443-1) An exception or error occurred in the container >> during the request processing: javax.ws.rs.ProcessingException: Unable to >> invoke request >> at >> org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:287) >> [resteasy-client-3.0.7.Final.jar:] >> at >> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:407) >> [resteasy-client-3.0.7.Final.jar:] >> at >> org.jboss.resteasy.client.jaxrs.internal.ClientInvocationBuilder.post(ClientInvocationBuilder.java:195) >> [resteasy-client-3.0.7.Final.jar:] >> at >> org.jboss.resteasy.skeleton.key.as7.ServletOAuthLogin.resolveCode(ServletOAuthLogin.java:271) >> [skeleton-key-as7-3.0.7.Final.jar:] >> at >> org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.oauth(OAuthManagedResourceValve.java:273) >> [skeleton-key-as7-3.0.7.Final.jar:] >> at >> org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.authenticate(OAuthManagedResourceValve.java:175) >> [skeleton-key-as7-3.0.7.Final.jar:] >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) >> [jbossweb-7.0.13.Final.jar:] >> at >> org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.invoke(OAuthManagedResourceValve.java:138) >> [skeleton-key-as7-3.0.7.Final.jar:] >> at >> org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) >> [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) >> [jbossweb-7.0.13.Final.jar:] >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) >> [jbossweb-7.0.13.Final.jar:] >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) >> [jbossweb-7.0.13.Final.jar:] >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) >> [jbossweb-7.0.13.Final.jar:] >> at >> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) >> [jbossweb-7.0.13.Final.jar:] >> at >> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) >> [jbossweb-7.0.13.Final.jar:] >> at >> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) >> [jbossweb-7.0.13.Final.jar:] >> at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_45] >> Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated >> at >> com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352) >> [jsse.jar:1.6] >> at >> org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) >> [httpclient-4.2.1.jar:4.2.1] >> at >> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572) >> [httpclient-4.2.1.jar:4.2.1] >> at >> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180) >> [httpclient-4.2.1.jar:4.2.1] >> at >> org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294) >> [httpclient-4.2.1.jar:4.2.1] >> at >> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640) >> [httpclient-4.2.1.jar:4.2.1] >> at >> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479) >> [httpclient-4.2.1.jar:4.2.1] >> at >> org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906) >> [htt
Re: [Resteasy-users] Resteasy OAuth 2.0 Skeleton Key Example launchs javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
You have to provide a truststore or disable the trust manager. On 5/13/2014 4:26 PM, JOSÉ INÁCIO DA SILVA JÚNIOR wrote: > Hi! > > I'm trying to implement SSO through Resteasy Skeleton Key. > I'm following the Chapter 39. OAuth 2.0 and Resteasy Skeleton Key of Resteasy > Reference Guide. > > I generated my keystore with: > > keytool -genkey -alias mydomain -keyalg rsa -keystore realmDINF.jks > > then I exported my certificate with: > > keytool -exportcert -alias mydomain -keystore > /opt/jboss-7.1.1.Final/standalone/configuration/realmDINF.jks -file > /opt/jboss-7.1.1.Final/standalone/configuration/mydomain.cer > > then I imported my certificate into cacerts: > > keytool -import -alias mydomain -keystore cacerts -trustcacerts -file > /opt/jboss-7.1.1.Final/standalone/configuration/mydomain.cer > > > The auth-server application e the customer-app applicaton were deployed > > When I access the customer-app application in my browser: > > https://localhost:8443/customer-app > > I see the login page and when I enter user and password I get the following > exception: > > 17:09:35,499 ERROR [org.apache.catalina.connector.CoyoteAdapter] > (http--127.0.0.1-8443-1) An exception or error occurred in the container > during the request processing: javax.ws.rs.ProcessingException: Unable to > invoke request > at > org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:287) > [resteasy-client-3.0.7.Final.jar:] > at > org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:407) > [resteasy-client-3.0.7.Final.jar:] > at > org.jboss.resteasy.client.jaxrs.internal.ClientInvocationBuilder.post(ClientInvocationBuilder.java:195) > [resteasy-client-3.0.7.Final.jar:] > at > org.jboss.resteasy.skeleton.key.as7.ServletOAuthLogin.resolveCode(ServletOAuthLogin.java:271) > [skeleton-key-as7-3.0.7.Final.jar:] > at > org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.oauth(OAuthManagedResourceValve.java:273) > [skeleton-key-as7-3.0.7.Final.jar:] > at > org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.authenticate(OAuthManagedResourceValve.java:175) > [skeleton-key-as7-3.0.7.Final.jar:] > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) > [jbossweb-7.0.13.Final.jar:] > at > org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.invoke(OAuthManagedResourceValve.java:138) > [skeleton-key-as7-3.0.7.Final.jar:] > at > org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) > [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) > [jbossweb-7.0.13.Final.jar:] > at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_45] > Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > at > com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352) > [jsse.jar:1.6] > at > org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) > [httpclient-4.2.1.jar:4.2.1] > at > org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572) > [httpclient-4.2.1.jar:4.2.1] > at > org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180) > [httpclient-4.2.1.jar:4.2.1] > at > org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294) > [httpclient-4.2.1.jar:4.2.1] > at > org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640) > [httpclient-4.2.1.jar:4.2.1] > at > org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479) > [httpclient-4.2.1.jar:4.2.1] > at > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906) > [httpclient-4.2.1.jar:4.2.1] > at > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805) > [httpclient-4.2.1.jar:4.2.1] > at > org.jboss.resteasy.client.jaxrs.engines
[Resteasy-users] Resteasy OAuth 2.0 Skeleton Key Example launchs javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
Hi! I'm trying to implement SSO through Resteasy Skeleton Key. I'm following the Chapter 39. OAuth 2.0 and Resteasy Skeleton Key of Resteasy Reference Guide. I generated my keystore with: keytool -genkey -alias mydomain -keyalg rsa -keystore realmDINF.jks then I exported my certificate with: keytool -exportcert -alias mydomain -keystore /opt/jboss-7.1.1.Final/standalone/configuration/realmDINF.jks -file /opt/jboss-7.1.1.Final/standalone/configuration/mydomain.cer then I imported my certificate into cacerts: keytool -import -alias mydomain -keystore cacerts -trustcacerts -file /opt/jboss-7.1.1.Final/standalone/configuration/mydomain.cer The auth-server application e the customer-app applicaton were deployed When I access the customer-app application in my browser: https://localhost:8443/customer-app I see the login page and when I enter user and password I get the following exception: 17:09:35,499 ERROR [org.apache.catalina.connector.CoyoteAdapter] (http--127.0.0.1-8443-1) An exception or error occurred in the container during the request processing: javax.ws.rs.ProcessingException: Unable to invoke request at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:287) [resteasy-client-3.0.7.Final.jar:] at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:407) [resteasy-client-3.0.7.Final.jar:] at org.jboss.resteasy.client.jaxrs.internal.ClientInvocationBuilder.post(ClientInvocationBuilder.java:195) [resteasy-client-3.0.7.Final.jar:] at org.jboss.resteasy.skeleton.key.as7.ServletOAuthLogin.resolveCode(ServletOAuthLogin.java:271) [skeleton-key-as7-3.0.7.Final.jar:] at org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.oauth(OAuthManagedResourceValve.java:273) [skeleton-key-as7-3.0.7.Final.jar:] at org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.authenticate(OAuthManagedResourceValve.java:175) [skeleton-key-as7-3.0.7.Final.jar:] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:] at org.jboss.resteasy.skeleton.key.as7.OAuthManagedResourceValve.invoke(OAuthManagedResourceValve.java:138) [skeleton-key-as7-3.0.7.Final.jar:] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:] at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_45] Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352) [jsse.jar:1.6] at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) [httpclient-4.2.1.jar:4.2.1] at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572) [httpclient-4.2.1.jar:4.2.1] at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180) [httpclient-4.2.1.jar:4.2.1] at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294) [httpclient-4.2.1.jar:4.2.1] at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640) [httpclient-4.2.1.jar:4.2.1] at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479) [httpclient-4.2.1.jar:4.2.1] at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906) [httpclient-4.2.1.jar:4.2.1] at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805) [httpclient-4.2.1.jar:4.2.1] at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:283) [resteasy-client-3.0.7.Final.jar:] ... 16 more I've tried everything but I couldn't get authenticated in customer-app application. Please, help me. What am I missing? Thanks in advance! ---