[keycloak-user] Docker and Invalid token issuer
Svyatoslav Babych
s.babych at dataclaritycorp.com
Tue Feb 19 11:43:49 EST 2019
Hi,
Thank you very much, I resolve this with nginx proxy, but overall idea is the same.
Svyatoslav Babych | Senior Solution Architect, Technical team Lead
s.babych at dataclaritycorp.com
DataClarity Corporation | www.dataclaritycorp.com
Facebook | Twitter | LinkedIn
Confidentiality Notice: The information in this email and any attachments is confidential or proprietary and should be treated and marked as “Confidential” DataClarity communication. If you are not the intended recipient of this email, any review, disclosure, copying, or distribution of it including any attachments is strictly prohibited and may be unlawful. If you have received this email in error, please notify the sender and immediately and permanently delete it and destroy any copies. Any information contained in this email is subject to the terms and conditions expressed in any applicable agreement.
-----Original Message-----
From: Lorenzo Luconi Trombacchi <lorenzo.luconi at iit.cnr.it>
Sent: Tuesday, February 19, 2019 11:53 AM
To: Svyatoslav Babych <s.babych at dataclaritycorp.com>
Cc: keycloak-user <keycloak-user at lists.jboss.org>
Subject: Re: [keycloak-user] Docker and Invalid token issuer
Hi,
I think is a hostname problem not a IP problem. The IP can be private but you should reference your keycloak server using always the same hostname, when you get and when you check the token (your applications do the check).
I had a similar problem inside a docker swarm cluster because some applications referenced the keycloak server with an internal name and other with a different or external name.
I hope this helps.
Lorenzo
> Il giorno 14 feb 2019, alle ore 20:03, Svyatoslav Babych <https://urldefense.proofpoint.com/v2/url?u=http-3A__s.babych-40dataclaritycorp.com&d=DwIFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=VNF-kfeJF1TBEB5ARBHS4a_CHCelKPIih8mZZS3xyaQ&m=f87bZIVk8T04HJhKN9IDzMoBKrTaMYUl9rDGIgPzhUk&s=8OVmYcUFVPQbVpDqgqSJNffo3KlXRN96HEJ3YGHVMaU&e=> ha scritto:
>
> Good morning everyone,
>
> Could you please help me with this, I believe, common problem:
> I setup keycloak in Docker container, and have second container what communicate with Keycloak through private IP.
> I acquire access token through public IP and then send request to this second container. As a result - "Invalid token issuer" exception.
> Unfortunately second container cannot use public IP.
> Appreciate any help with this ?
>
> Thank you,
> Best regards,
> Svyat
>
> Svyatoslav Babych | Senior Solution Architect, Technical team Lead
> s.babych at dataclaritycorp.com DataClarity Corporation |
> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.dataclaritycor
> p.com&d=DwIFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=VNF-kfe
> JF1TBEB5ARBHS4a_CHCelKPIih8mZZS3xyaQ&m=f87bZIVk8T04HJhKN9IDzMoBKrTaMYU
> l9rDGIgPzhUk&s=tScVh8FGabRSioG3CPN6Lsu9p1TNSo-VRp_5ksnSRQ0&e=
> Facebook | Twitter | LinkedIn
> Confidentiality Notice: The information in this email and any attachments is confidential or proprietary and should be treated and marked as “Confidential” DataClarity communication. If you are not the intended recipient of this email, any review, disclosure, copying, or distribution of it including any attachments is strictly prohibited and may be unlawful. If you have received this email in error, please notify the sender and immediately and permanently delete it and destroy any copies. Any information contained in this email is subject to the terms and conditions expressed in any applicable agreement.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.jboss.org_m
> ailman_listinfo_keycloak-2Duser&d=DwIFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf
> -v5A_CdpgnVfiiMM&r=VNF-kfeJF1TBEB5ARBHS4a_CHCelKPIih8mZZS3xyaQ&m=f87bZ
> IVk8T04HJhKN9IDzMoBKrTaMYUl9rDGIgPzhUk&s=roeJIkZ-zJsmlxVDGUTDst3bSqRFl
> Y0s7KYfW83V0pA&e=
----------
This email has been scanned for spam and viruses by Proofpoint Essentials. Visit the following link to report this email as spam:
https://us1.proofpointessentials.com/index01.php?mod_id=11&mod_option=logitem&mail_id=1550569975-nBWiCbNv7oYt&r_address=s.babych%40dataclaritycorp.com&report=
More information about the keycloak-user
mailing list