12:13 p.m.
A little update, if you're willing to deploy UPS on Openshift:
https://issues.jboss.org/browse/AGPUSH-1352
On 2015-04-02, Sebastien Blanc wrote:
Thx for the headup !
When did this upgrade happened ?
Shouldn't we have the problem also with UPS 1.0.x series on OpenShift ?
On Thu, Apr 2, 2015 at 2:55 PM, Bruno Oliveira <bruno(a)abstractj.org> wrote:
> Good morning guys, I'm investigating the problem since yesterday. The
> problem at first glance is related with the upgrade on OpenShift to Java 8.
>
> Java 8 sends TLSv1.2 ClientHello and Java 7 TLSv1 and if the server
> somehow does not support version 1.2, it should be able to negotiate down
> to 1.1 or 1.0.
>
> I'm still investigating the root cause, but the immediate fix is to run KC
> and UPS on JDK 1.7 only. Meanwhile I will be investigating the issue.
>
> On Tue, Mar 31, 2015 at 11:10 AM, Matthias Wessendorf <matzew(a)apache.org>
> wrote:
>
>> that is on a totally different KC version
>>
>> On Tue, Mar 31, 2015 at 4:03 PM, Sebastien Blanc <scm.blanc(a)gmail.com>
>> wrote:
>>
>>> Maybe,
>>> But it may also be that I'm missing something stupid :) and I have to
>>> configure something extra since openshift is https and I always test
>>> locally ... But yeah for 1.0.x I did not have to do anything.
>>>
>>>
>>> On Tue, Mar 31, 2015 at 3:52 PM, Matthias Wessendorf
<matzew(a)apache.org>
>>> wrote:
>>>
>>>> anything wrong w/ the keycloak adapter, or was there a fix for a 1.1.1?
>>>>
>>>> On Tue, Mar 31, 2015 at 3:50 PM, Sebastien Blanc
<scm.blanc(a)gmail.com>
>>>> wrote:
>>>>
>>>>> Hi !
>>>>> I was trying (and so was Lukas) to deploy UPS 1.1 (master branch)
to
>>>>> an openshift gear (Wildfly 8.2 cartridge). After tweaking a bit the
>>>>> datasources to get it deployed, when trying to access /ag-push ,
I'm get an
>>>>> 500 internal server error.
>>>>>
>>>>> The wildfly logs show me the following :
>>>>>
>>>>> 2015-03-31 09:40:47,240 ERROR [io.undertow.request] (default task-8)
UT005023: Exception handling request to /ag-push/index.html: java.lang.RuntimeException:
Unable to resolve realm public key remotely
>>>>> at
org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:134)
[keycloak-adapter-core-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:83)
[keycloak-adapter-core-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
org.keycloak.adapters.PreAuthActionsHandler.preflightCors(PreAuthActionsHandler.java:71)
[keycloak-adapter-core-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
org.keycloak.adapters.PreAuthActionsHandler.handleRequest(PreAuthActionsHandler.java:47)
[keycloak-adapter-core-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:68)
[keycloak-undertow-adapter-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166)
[undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
[undertow-core-1.1.0.Final.jar:1.1.0.Final]
>>>>> at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[rt.jar:1.8.0_31]
>>>>> at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[rt.jar:1.8.0_31]
>>>>> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_31]
>>>>> Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not
authenticated
>>>>> at
sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:431)
[jsse.jar:1.8.0_31]
>>>>> at
org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
[httpclient-4.2.1.jar:4.2.1]
>>>>> at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
[httpclient-4.2.1.jar:4.2.1]
>>>>> at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
[httpclient-4.2.1.jar:4.2.1]
>>>>>
>>>>>
>>>>> So "peer not authenticated" seems pretty obvious for the
reason it fails.
>>>>> The question is what do we need to do for this ? Anyone an idea ?
>>>>>
>>>>> Thx,
>>>>> Sebi
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> aerogear-dev mailing list
>>>>> aerogear-dev(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Matthias Wessendorf
>>>>
>>>> blog: http://matthiaswessendorf.wordpress.com/
>>>> sessions: http://www.slideshare.net/mwessendorf
>>>> twitter: http://twitter.com/mwessendorf
>>>>
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>
>>>
>>>
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>
>>
>>
>>
>> --
>> Matthias Wessendorf
>>
>> blog: http://matthiaswessendorf.wordpress.com/
>> sessions: http://www.slideshare.net/mwessendorf
>> twitter: http://twitter.com/mwessendorf
>>
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>
>
>
> --
>
> --
> "The measure of a man is what he does with power" - Plato
> -
> @abstractj
> -
> Volenti Nihil Difficile
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
abstractj
PGP: 0x84DC9914