hrm, not atm
perhaps wanna ask at keycloak list?
On Thursday, 19 May 2016, Philipp Koetz, mVISE AG <Philipp.Koetz(a)mvise.de>
wrote:
Just to share my "fix" for this problem:
The server is embedded in a bigger infrastructure and is called though vpn
tunnel. It looked like that it was not able to determine the realm public
key through the tunnel. executing a wget from the vserver itself to
/ag-push/index.html solved the problem and the push server can be
accessed through the tunnel, even after restart. Maybe AeroGear Dev Team
knows why this was neccessary?
------------------------------
*Von:* aerogear-users-bounces(a)lists.jboss.org
<javascript:_e(%7B%7D,'cvml','aerogear-users-bounces@lists.jboss.org');>
<
aerogear-users-bounces(a)lists.jboss.org
<javascript:_e(%7B%7D,'cvml','aerogear-users-bounces@lists.jboss.org');>>
im Auftrag von Philipp Koetz, mVISE AG <Philipp.Koetz(a)mvise.de
<javascript:_e(%7B%7D,'cvml','Philipp.Koetz@mvise.de');>>
*Gesendet:* Mittwoch, 18. Mai 2016 15:39
*An:* aerogear-users(a)lists.jboss.org
<javascript:_e(%7B%7D,'cvml','aerogear-users@lists.jboss.org');>
*Betreff:* Re: [Aerogear-users] Unable to resolve realm public key
remotely
Yes, auth-server.war is deployed and running:
2016-05-18 12:50:10,549 INFO [org.wildfly.extension.undertow] (MSC
service thread 1-4) JBAS017534: Registered web context: /ag-push
2016-05-18 12:50:10,748 INFO
[org.keycloak.services.resources.KeycloakApplication] (MSC service thread
1-3) Not importing realm aerogear from resource /WEB-INF/ups-realm.json.
It already exists.
2016-05-18 12:50:10,862 INFO [org.wildfly.extension.undertow] (MSC
service thread 1-3) JBAS017534: Registered web context: /auth
2016-05-18 12:50:11,013 INFO [org.jboss.as.server] (ServerService Thread
Pool -- 31) JBAS018559: Deployed "unifiedpush-auth-server.war"
(runtime-name : "unifiedpush-auth-server.war")
2016-05-18 12:50:11,013 INFO [org.jboss.as.server] (ServerService Thread
Pool -- 31) JBAS018559: Deployed "unifiedpush-server-wildfly.war"
(runtime-name : "unifiedpush-server-wildfly.war")
When I call auth/ I get a redirect (with the according message) to
ag-push/ and then receive “internatl server error” with the stack trace
from the first mail.
I will have a look in the dockerfiles.
*Von:* aerogear-users-bounces(a)lists.jboss.org
<javascript:_e(%7B%7D,'cvml','aerogear-users-bounces@lists.jboss.org');>
[mailto:aerogear-users-bounces@lists.jboss.org
<javascript:_e(%7B%7D,'cvml','aerogear-users-bounces@lists.jboss.org');>]
*Im
Auftrag von *Matthias Wessendorf
*Gesendet:* Mittwoch, 18. Mai 2016 15:33
*An:* aerogear-users(a)lists.jboss.org
<javascript:_e(%7B%7D,'cvml','aerogear-users@lists.jboss.org');>
*Betreff:* Re: [Aerogear-users] Unable to resolve realm public key
remotely
Did you deploy the auth-server.war file?
In our Dockerfiles, we do have example for self-signed certs too (WF-9,
based). Perhaps worth to check it out as well, as a pattern?
https://github.com/aerogear/dockerfiles/tree/1.1.x/wildfly
-M
On Wed, May 18, 2016 at 3:10 PM, Philipp Koetz, mVISE AG <
Philipp.Koetz(a)mvise.de
<javascript:_e(%7B%7D,'cvml','Philipp.Koetz@mvise.de');>>
wrote:
Hello,
i’ve set up the unified push server and run in this stack trace while
trying to access /ag-push/
2016-05-18 12:51:24,969 ERROR [io.undertow.request] (default task-8)
UT005023: Exception handling request to /ag-push/index.html:
java.lang.RuntimeException: Unable to resolve realm public key remotely
at
org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:134)
[keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
at
org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:83)
[keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
at
org.keycloak.adapters.PreAuthActionsHandler.preflightCors(PreAuthActionsHandler.java:71)
[keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
at
org.keycloak.adapters.PreAuthActionsHandler.handleRequest(PreAuthActionsHandler.java:47)
[keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
at
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:68)
[keycloak-undertow-adapter-1.3.1.Final.jar:1.3.1.Final]
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
[undertow-core-1.1.8.Final.jar:1.1.8.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
[undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248)
[undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77)
[undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167)
[undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at
io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
[undertow-core-1.1.8.Final.jar:1.1.8.Final]
at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761)
[undertow-core-1.1.8.Final.jar:1.1.8.Final]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[rt.jar:1.8.0_72-internal]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[rt.jar:1.8.0_72-internal]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_72-internal]
Caused by: java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
[rt.jar:1.8.0_72-internal]
at
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
[rt.jar:1.8.0_72-internal]
at
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
[rt.jar:1.8.0_72-internal]
at
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
[rt.jar:1.8.0_72-internal]
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
[rt.jar:1.8.0_72-internal]
at java.net.Socket.connect(Socket.java:589)
[rt.jar:1.8.0_72-internal]
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668)
[jsse.jar:1.8.0_72-internal]
at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:524)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
[httpclient-4.3.6.jar:4.3.6]
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
[httpclient-4.3.6.jar:4.3.6]
at
org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:105)
[keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
... 14 more
SSL setup should be correct, with a self signed cert, till accessing the
wildfly start page via https works correctly.
If it helps I can also provide the standalone-full.xml.
I’m using version 1.13 on Wildfly 8.2.1. The error appears on http and
https.
Regards,
Philipp Koetz
_______________________________________________
Aerogear-users mailing list
Aerogear-users(a)lists.jboss.org
<javascript:_e(%7B%7D,'cvml','Aerogear-users@lists.jboss.org');>
https://lists.jboss.org/mailman/listinfo/aerogear-users
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf