Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

500 ERROR code when connecting keycloack to kapua (connection time out) #3336

Open
amelroua opened this issue Jun 23, 2021 · 1 comment
Open

500 ERROR code when connecting keycloack to kapua (connection time out) #3336

amelroua opened this issue Jun 23, 2021 · 1 comment
Labels
Question/support This issue contains a question or request of support on Kapua

Comments

@amelroua
Copy link

amelroua commented Jun 23, 2021
edited

I want to deploy SSO with keycloak. I tried to use the keyloak image and kapua image used in the

sso-docker-deploy.sh script
But I get everytime the same error of connection timeout between kapua console and keyloak

HTTP Error Code: 500
Requested Resource: /openid/callback
Error Message: javax.servlet.ServletException: javax.servlet.ServletException: Failed to get tokens: Error:
Exception Message: Connection timed out (Connection timed out)

Then I tried to use my own image with the set up of JAVA_OPTS and I get the same error everytime. I think that the problem is a connection issue between kapua and keycloak. But both kapua console and keycloak can ping each other.
I used KAPUA_URL: http://localhost:8080
for keycloack I tried with the public IP@: 172.18.xx and also with my host IP@ 192.168.xx but the same error is remaining.
But when I used the localhost for keyloak I get connection refused instead of connection time out.

I found that the problem is that kapua console cannot connect to the token endpoint of keyloak. when i tried to execute a curl command from kapua console container to get an access token:
curl -d 'client_id=console' -d 'username=admin' -d 'password=admin' -d 'grant_type=password' 'http://172.18.xx:port/auth/realms/kapua/protocol/openid-connect/token' | python -m json.tool
I have the same issue
But when I execute the curl command from my local host I can get an access token.

Any idea please how to solve this issue?
@lorthirk
Copy link

lorthirk commented Jun 30, 2021
edited

Can you reach Keycloak on localhost:9090 anche the Kapua Console at localhost:8080?
Anyway, please use KAPUA_CONSOLE_URL and not KAPUA_URL as you mentioned, since that should be the correct env variable. If you correctly populate both that one and KEYCLOAK_URL as mentioned at

kapua/assembly/console/entrypoint/run-console

Lines 17 to 20 in 64dde70

if [ -n "$KEYCLOAK_URL" ] && [ -n "$KAPUA_CONSOLE_URL" ]; then
echo "Activating OpenID Connect Keycloak integration..."
echo " Keycloak: $KEYCLOAK_URL"
echo " Kapua: $KAPUA_CONSOLE_URL"
you should see a log entry that tells you the current configuration

@lorthirk lorthirk added the Question/support This issue contains a question or request of support on Kapua label Jun 30, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Question/support This issue contains a question or request of support on Kapua
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lorthirk @amelroua