Open luanscps opened 2 years ago
My settings are these:
° Keycloak RADIUS plugin installed, Quarkus (Ubuntu 20.04.3) (external server), running: /opt/keycloak-radius# bin/kc.sh start --hostname=mydomain.cloud --hostname-strict-backchannel=true --https-port=8443
° configured HTTPS TLS and hostname external IP (no proxy).
° RADIUS over TLS configured as RadSec, ports 1812, 1813.
° configured "mikrotik-radius-plugin" only for MikroTik login
° user created for login test

My MikroTik:
° RouterBOARD RB750GR3, version 6.49.6 (stable)
° configured RADIUS RadSec, accounting AAA

The mistake: when I go to log in by WinBox I get the following error in the Keycloak terminal.
```
[com.github.vzakharchenko.radius.radius.handlers.AuthHandler] (pool-3-thread-1) failed with message: java.lang.NullPointerException
2022-09-11 12:38:15,706 ERROR [com.github.vzakharchenko.radius.radius.handlers.AuthHandler] (pool-3-thread-2) failed with message: java.lang.NullPointerException
	at org.keycloak.events.EventBuilder.(EventBuilder.java:55)
	at com.github.vzakharchenko.radius.event.log.EventLoggerUtils.createEvent(EventLoggerUtils.java:32)
	at com.github.vzakharchenko.radius.event.log.EventLoggerUtils.createMasterEvent(EventLoggerUtils.java:23)
	at com.github.vzakharchenko.radius.radius.handlers.protocols.AbstractAuthProtocol.isValid(AbstractAuthProtocol.java:94)
	at com.github.vzakharchenko.radius.radius.handlers.AuthHandler.channelRead0(AuthHandler.java:108)
	at com.github.vzakharchenko.radius.radius.handlers.AuthHandler.lambda$channelReadRadius$0(AuthHandler.java:126)
	at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:250)
	at com.github.vzakharchenko.radius.radius.handlers.AuthHandler.channelReadRadius(AuthHandler.java:124)
	at com.github.vzakharchenko.radius.radius.handlers.AuthHandler.directRead(AuthHandler.java:159)
	at com.github.vzakharchenko.radsec.handlers.RadSecHandler.lambda$channelReadRadius$0(RadSecHandler.java:42)
	at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:250)
	at com.github.vzakharchenko.radsec.handlers.RadSecHandler.channelReadRadius(RadSecHandler.java:36)
	at com.github.vzakharchenko.radius.radius.handlers.AbstractThreadRequestHandler.lambda$channelRead0$0(AbstractThreadRequestHandler.java:18)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:829)
```
STATUS RADIUS ROUTERBOARD
I don't know where I'm going wrong.
I have the same problem :(
I just solved it by doing a fresh install; maybe it was due to some configuration that I got wrong.
The problem may be related to the RADIUS authentication issue, RadSec or the UDP protocol.
I still have this problem even with a fresh install with Maven or Docker. Can you write a guide for installing and configuring Keycloak and MikroTik? I get an error when I create a new client with client type radius-protocol.
Here is my Dockerfile and docker-compose:

Dockerfile

```dockerfile
FROM vassio/keycloak-radius-plugin:latest as builder
ENV KC_METRICS_ENABLED=true
ENV KC_FEATURES=token-exchange
ENV KC_DB=postgres

RUN /opt/keycloak/bin/kc.sh build --db=postgres

FROM vassio/keycloak-radius-plugin:latest
COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
WORKDIR /opt/keycloak
EXPOSE 8080
EXPOSE 9990
EXPOSE 1812/udp
EXPOSE 1813/udp
ENTRYPOINT [ "/opt/radius/scripts/docker-radius-entrypoint.sh" ]
```

docker-compose

```yaml
services:
  keycloak:
    image: keycloak-custom:latest
    environment:
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
      KEYCLOAK_HOSTNAME: keycloak
      KC_PROXY: edge
      KC_HOSTNAME_STRICT_HTTPS: 'true'
      KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
      KC_DB: postgres
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: keycloak
      RADIUS_SHARED_SECRET: secret
      RADIUS_UDP: 'true'
      RADIUS_UDP_AUTH_PORT: 1812
      RADIUS_UDP_ACCOUNT_PORT: 1813
      RADIUS_RADSEC: 'false'
      RADIUS_DICTIONARY: ''
      RADIUS_RADSEC_PRIVATEKEY: /config/private.key
      RADIUS_RADSEC_CERTIFICATE: /config/public.crt
      RADIUS_COA: 'false'
      RADIUS_COA_PORT: 3799
      "keycloak.profile.feature.upload_scripts": enabled
    ports:
    postgres
    restart: always
    entrypoint: sh /opt/radius/scripts/docker-entrypoint.sh start --http-port=8080 --http-enabled=true --hostname-strict-https=false --hostname-strict=false
  postgres:
    image: postgres:14.2-alpine
    volumes:
```
I found out that we need to use the realm id instead of the realm name.
I just exported the realm configuration to get the id
and pasted it into the MikroTik RADIUS Realm field.
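
The fix reported in the comment above (the realm id, not the realm name, goes in the MikroTik RADIUS Realm field) can be checked against a realm export before touching the router. This is an added example, not code from the thread or from the keycloak-radius-plugin project; the sample export, its UUID and the function names are constructed for illustration.

```python
import json

# Constructed sample: the shape of a Keycloak realm export, trimmed to the
# fields that matter here. The UUID is made up for illustration.
SAMPLE_EXPORT = json.dumps({
    "id": "3f1c2a9e-0b7d-4c55-9a41-6d2e8f70b123",
    "realm": "office",
    "enabled": True,
})


def load_realms(export_text):
    """Return the realm objects in an export (a single object or a list)."""
    data = json.loads(export_text)
    realms = data if isinstance(data, list) else [data]
    return [r for r in realms if isinstance(r, dict) and "realm" in r]


def check_radius_realm(export_text, configured):
    """Classify the value typed into the router's RADIUS Realm field.

    Returns (status, value_to_use). status is "ok" when the value is a realm
    id, "name-not-id" when it is a realm name whose id differs, and
    "unknown" when it matches no realm in the export.
    """
    value = configured.strip()
    realms = load_realms(export_text)
    # Ids are checked first, so a realm whose id equals its name is "ok".
    for realm in realms:
        if value == realm.get("id"):
            return "ok", realm["id"]
    for realm in realms:
        if value == realm["realm"]:
            return "name-not-id", realm.get("id")
    return "unknown", None


if __name__ == "__main__":
    for candidate in ("office", "3f1c2a9e-0b7d-4c55-9a41-6d2e8f70b123", "lab"):
        print(candidate, "->", check_radius_realm(SAMPLE_EXPORT, candidate))
```

A "name-not-id" result returns the id to paste into the Realm field; "unknown" means the value belongs to no realm in the export.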