[keycloak-user] Jetty 503 when secured with confidential client+env vars, works with public
cen
imbacen at gmail.com
Wed Jan 4 05:20:23 EST 2017
I am using embedded Jetty 9.2. If I use a public client with env vars in
JSON everything works, if I use env vars for confidential client it
breaks with "503 service unavailable".
Works:
{
"realm": "${env.KC_REALM}",
"realm-public-key": "${env.KC_PUBLIC_KEY}",
"auth-server-url": "${env.KC_BASE_URL}",
"ssl-required": "${env.KC_SSL_REQUIRED}",
"resource": "${env.KC_RESOURCE}",
"public-client": true
}
Fails:
{
"realm": "${env.KC_REALM}",
"realm-public-key": "${env.KC_PUBLIC_KEY}",
"auth-server-url": "${env.KC_BASE_URL}",
"ssl-required": "${env.KC_SSL_REQUIRED}",
"resource": "${env.KC_CLIENT}",
"credentials": {
"secret": "${env.KC_CLIENT_SECRET}"
},
"use-resource-mappings": true
}
Confidential client works if I copy-paste the JSON from "Installation"
tab directly (without env vars).
I checked at least 10 times that my env vars are correct and that I
don't have a typo somewhere.
Unfortunately there are zero logs from Jetty or Keycloak adapter about
the problem. How would I go troubleshooting this?
More information about the keycloak-user
mailing list