Cannot login to ACS using newly created user in keycloak

kota_pardhu — Thu, 19 Oct 2023 06:09:22 GMT

I am trying to configure ACS with IDS.

I followed https://docs.alfresco.com/identity-service/latest/install/zip/ and brought the IDS up on my machine and running ACS also in local on Tomcat and configured it with IDS by adding the below properties.

Added the below properties in alf_data\tomcat\webapps\share\WEB-INF\classes\share-config.properties

aims.enabled=true
aims.realm=alfresco
aims.resource=alfresco
aims.authServerUrl=http://localhost:8999/auth
aims.sslRequired=external
aims.publicClient=
aims.autodetectBearerOnly=
aims.alwaysRefreshToken=
aims.principalAttribute=sub
aims.enableBasicAuth=true

Added the below properties in alf_data\tomcat\shared\classes\alfresco-global.properties

authentication.chain=identity-service1:identity-service,alfrescoNtlm1:alfrescoNtlm
identity-service.enable-basic-auth=true
identity-service.authentication.validation.failure.silent=false
identity-service.auth-server-url=http://localhost:8999/auth
identity-service.realm=alfresco
identity-service.resource=alfresco

And I've created a new user in keycloak under Alfresco realm using localhost:8999/auth and trying to login to the ACS using this new user credentials and getting the below error.

ERROR [org.springframework.extensions.webscripts.AbstractRuntime] [http-nio-8080-exec-8] Exception from executeScript: 09190061 User does not exist and could not be created: pardhu

Am I missing any other configuration or configured something wrong ?
Can someone please help me resolve this ?

Re: Cannot login to ACS using newly created user in keycloak

unibravo — Tue, 28 May 2024 23:44:56 GMT

I hope that will be useful.

Example my Url http://acs.alf.com

alfresco-global.properties

# ACS

authentication.chain=identity-service-1:identity-service,alfrescoNtlm-1:alfrescoNtlm

identity-service.enable-basic-auth=true

identity-service.auth-server-url=http://acs.alf.com/auth

identity-service.authentication.enabled=true

identity-service.authentication.defaultAdministratorUserNames=admin

identity-service.authentication.validation.failure.silent=false

identity-service.realm=alfresco

identity-service.resource=alfresco

identity-service.public-client=true

identity-service.ssl-required=none

csrf.filter.referer=http://acs.alf.com

csrf.filter.origin=http://acs.alf.com/*

# Alfresco Share AIMS

aims.enabled=true

aims.realm=alfresco

aims.resource=share

aims.authServerUrl=http://acs.alf.com/auth

aims.publicClient=true

aims.sslRequired=none

aims.autodetectBearerOnly=true

aims.alwaysRefreshToken=true

aims.enableBasicAuth=true

aims.principalattribute=email

#aims.secret=

share-config-custom.xml

<config evaluator="string-compare" condition="AIMS">
<enabled>true</enabled>
<realm>alfresco</realm>
<resource>share</resource>
<authServerUrl>http://acs.alf.com/auth</authServerUrl>
<sslRequired>none</sslRequired>
<publicClient>true</publicClient>
<autodetectBearerOnly>true</autodetectBearerOnly>
<alwaysRefreshToken>true</alwaysRefreshToken>
<principalAttribute>email</principalAttribute>
<enableBasicAuth>true</enableBasicAuth>
</config>

https://docs.alfresco.com/identity-service/latest/tutorial/sso/saml/

Best Regards

Mehmet Demirel

SelenSoft

Alfresco Community Türkiye

topic Cannot login to ACS using newly created user in keycloak in Alfresco Forum

Cannot login to ACS using newly created user in keycloak

Re: Cannot login to ACS using newly created user in keycloak