Just to share my "fix" for this problem:

The server is embedded in a bigger infrastructure and is called though vpn tunnel. It looked like that it was not able to determine the realm public key through the tunnel. executing a wget from the vserver itself to /ag-push/index.html solved the problem and the push server can be accessed through the tunnel, even after restart.  Maybe AeroGear Dev Team knows why this was neccessary?

Von: aerogear-users-bounces@lists.jboss.org <aerogear-users-bounces@lists.jboss.org> im Auftrag von Philipp Koetz, mVISE AG <Philipp.Koetz@mvise.de>
Gesendet: Mittwoch, 18. Mai 2016 15:39
An: aerogear-users@lists.jboss.org
Betreff: Re: [Aerogear-users] Unable to resolve realm public key remotely
 

Yes, auth-server.war is deployed and running:

 

2016-05-18 12:50:10,549 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-4) JBAS017534: Registered web context: /ag-push

2016-05-18 12:50:10,748 INFO  [org.keycloak.services.resources.KeycloakApplication] (MSC service thread 1-3) Not importing realm aerogear from resource /WEB-INF/ups-realm.json.  It already exists.

2016-05-18 12:50:10,862 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-3) JBAS017534: Registered web context: /auth

2016-05-18 12:50:11,013 INFO  [org.jboss.as.server] (ServerService Thread Pool -- 31) JBAS018559: Deployed "unifiedpush-auth-server.war" (runtime-name : "unifiedpush-auth-server.war")

2016-05-18 12:50:11,013 INFO  [org.jboss.as.server] (ServerService Thread Pool -- 31) JBAS018559: Deployed "unifiedpush-server-wildfly.war" (runtime-name : "unifiedpush-server-wildfly.war")

 

When I call auth/ I get a redirect (with the according message) to ag-push/ and then receive “internatl server error” with the stack trace from the first mail.

 

I will have a look in the dockerfiles.

 

Von: aerogear-users-bounces@lists.jboss.org [mailto:aerogear-users-bounces@lists.jboss.org] Im Auftrag von Matthias Wessendorf
Gesendet: Mittwoch, 18. Mai 2016 15:33
An: aerogear-users@lists.jboss.org
Betreff: Re: [Aerogear-users] Unable to resolve realm public key remotely

 

Did you deploy the auth-server.war file?

 

In our Dockerfiles, we do have example for self-signed certs too (WF-9, based). Perhaps worth to check it out as well, as a pattern?

https://github.com/aerogear/dockerfiles/tree/1.1.x/wildfly

 

-M 

 

On Wed, May 18, 2016 at 3:10 PM, Philipp Koetz, mVISE AG <Philipp.Koetz@mvise.de> wrote:

Hello,

 

i’ve set up the unified push server and run in this stack trace while trying to access /ag-push/

 

2016-05-18 12:51:24,969 ERROR [io.undertow.request] (default task-8) UT005023: Exception handling request to /ag-push/index.html: java.lang.RuntimeException: Unable to resolve realm public key remotely

        at org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:134) [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]

        at org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:83) [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]

        at org.keycloak.adapters.PreAuthActionsHandler.preflightCors(PreAuthActionsHandler.java:71) [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]

        at org.keycloak.adapters.PreAuthActionsHandler.handleRequest(PreAuthActionsHandler.java:47) [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]

        at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:68) [keycloak-undertow-adapter-1.3.1.Final.jar:1.3.1.Final]

        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]

        at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]

        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]

        at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]

        at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]

        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final]

        at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final]

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_72-internal]

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_72-internal]

        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_72-internal]

Caused by: java.net.ConnectException: Connection refused

        at java.net.PlainSocketImpl.socketConnect(Native Method) [rt.jar:1.8.0_72-internal]

        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) [rt.jar:1.8.0_72-internal]

        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) [rt.jar:1.8.0_72-internal]

        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) [rt.jar:1.8.0_72-internal]

        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) [rt.jar:1.8.0_72-internal]

        at java.net.Socket.connect(Socket.java:589) [rt.jar:1.8.0_72-internal]

        at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668) [jsse.jar:1.8.0_72-internal]

        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:524) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106) [httpclient-4.3.6.jar:4.3.6]

        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57) [httpclient-4.3.6.jar:4.3.6]

        at org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:105) [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]

        ... 14 more

 

SSL setup should be correct, with a self signed cert, till accessing the wildfly start page via https works correctly.

If it helps I can also provide the standalone-full.xml.

 

I’m using version 1.13 on Wildfly 8.2.1. The error appears on http and https.

 

Regards,

Philipp Koetz

 

 


_______________________________________________
Aerogear-users mailing list
Aerogear-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-users



 

--

Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf