I have an (existing) EAR application running on WebLogic 12.2.1 (Java EE 7) where I am working on including a Keycloak Admin Client (for user management on a Red Hat SSO 7.6 installation). The simplified structure is this:
EAR
- /lib
- keycloak-admin-client-18.0.9.redhat-00001.jar
- EJBModule
- EJB classes
- WebAppModule (WAR)
- JAX-RS resources, calling EJBs
The EJB classes and webapps work fine (already existing, no changes there yet).
I created a new EJB for the user management ("KeycloakUserManagementService"), containing a builder for a Keycloak instance:
Keycloak keycloak = KeycloakBuilder.builder().serverUrl(url)
.realm(realmName)
.grantType(OAuth2Constants.CLIENT_CREDENTIALS)
.clientId(clientId)
.clientSecret(clientSecret)
.build();
This builder fails with the following exception:
java.lang.IllegalArgumentException: interface org.keycloak.admin.client.token.TokenService is not visible from class loader
I verified that the source jar is the correct jar "keycloak-admin-client-18.0.9.redhat-00001.jar" inside the EAR, by adding this in the new EJB class:
URL pathToJar = Thread.currentThread().getContextClassLoader().loadClass("org.keycloak.admin.client.token.TokenService").getProtectionDomain().getCodeSource().getLocation();
Usually, when classloader issues happen (necessary for Guava, Jackson etc) it's a matter of adding the packages to weblogic.xml and weblogic-application.xml like this, but that did not work for the Keycloak classes:
<prefer-application-packages>
<package-name>org.keycloak.*</package-name>
</prefer-application-packages>
Already tried:
- Running the same builder in the WebAppModule works fine. (this is not a solution due to how the total application is setup over modules with various responsibilities)
- Verifying that there are no duplicate class definitions on the classpath. As far as I can see this is not the case.
Question:
Any ideas what is going wrong and how I can fix it? As far as I can see the correct class from the correct .jar is loaded.