CLI scripts
by Justin Williams
Hello,
I'm mounting a volume containing CLI scripts to my Keycloak Docker
container "startup-scripts" directory, and the scripts execute, however
they do not take effect if a reload is required. I'm not seeing how I can
get the server to reload after executing all of the scripts.
Any suggestions?
Example (request-logging.cli):
embed-server --server-config=standalone.xml --std-out=echo
echo SETUP: Enabling detailed request logging
/subsystem=undertow/configuration=filter/custom-filter=request-logging-filter:add(class-name=io.undertow.server.handlers.RequestDumpingHandler,
module=io.undertow.core)
/subsystem=undertow/server=default-server/host=default-host/filter-ref=request-logging-filter:add
stop-embedded-server
4 years, 9 months
- 2
- 2
Can only seem to use docker image 3.4.0.final
by Nick Powers
Sinykk,
I think the main thing to focus on from your logs is this line:
"keycloak | Caused by: java.lang.RuntimeException: Failed to connect to
database"
It looks like you are trying to setup Keycloak to use an external DB. I
have not attempted that configuration. I built out a Postgres container in
my docker-compose.yml.
Below are the 2 files needed for that type of deployment,
docker-compose.yml and .env, the docker-compose.yml includes a Nginx proxy
container with a LetsEncrypt sidecar
container and the Postgres DB container. This way, all I have to do is run
docker-compose up -d to run all 3. The only thing that requires editing to
get this to work is
the .env file (which contains all the configuration items). The only
things you should need to change in the .env file
is DB_PASSWORD (since this will setup a new DB you can use whatever PW you
want), KEYCLOAK_HOSTNAME (change to whatever domain is being protected by
Keycloak),
KEYCLOAK_HOSTNAME and LETSENCRYPT_HOST should both be set to the same value
you set KEYCLOAK_HOSTNAME to. LETSENCRYPT_EMAIL should be set to an
email address. I don't think letsencrypt checks the email just has to have
an email there. I generally use certs(a)yourdomain.com where yourdomain is
the same as KEYCLOAK_HOSTNAME.
This configuration will setup a Nginx proxy container with a LetsEncrypt
sidecar that automatically retrieves HTTPS certificates from LetsEncrypt
and proxies HTTPS to the Keycloak container.
The Keycloak container will use the Postgress DB container for all of it's
DB needs.
Below is my configuration, it may not be exactly what you want but
hopefully will get you closer to your goal. Thanks - Nick
docker-compose.yml FILE (below):
version: '3'
services:
keycloak:
container_name: keycloak
image: jboss/keycloak
container_name: keycloak
restart: always
ports:
- 0.0.0.0:8080:8080
environment:
DB_DATABASE: ${DB_DATABASE}
DB_USER: ${DB_USER}
DB_PASSWORD: ${DB_PASSWORD}
JDBC_PARAMS: ${JDBC_PARAMS}
KEYCLOAK_HOSTNAME: ${KEYCLOAK_HOSTNAME}
KEYCLOAK_HTTP_PORT: ${KEYCLOAK_HTTP_PORT}
KEYCLOAK_USER: ${KEYCLOAK_USER}
KEYCLOAK_PASSWORD: ${KEYCLOAK_PASSWORD}
VIRTUAL_HOST: ${VIRTUAL_HOST}
VIRTUAL_PORT: ${VIRTUAL_PORT}
PROXY_ADDRESS_FORWARDING: ${PROXY_ADDRESS_FORWARDING}
LETSENCRYPT_HOST: ${LETSENCRYPT_HOST}
LETSENCRYPT_EMAIL: ${LETSENCRYPT_EMAIL}
depends_on:
- postgres
postgres:
container_name: postgres
image: postgres
restart: always
environment:
POSTGRES_DB: ${DB_DATABASE}
POSTGRES_USER: ${DB_USER}
POSTGRES_PASSWORD: ${DB_PASSWORD}
volumes:
- data:/var/lib/postgresql/data
nginx-proxy:
image: jwilder/nginx-proxy:alpine
container_name: nginx-proxy
restart: always
labels:
com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: 'true'
ports:
- 80:80
- 443:443
volumes:
- ./nginx/data/certs:/etc/nginx/certs:ro
- ./nginx/data/conf.d:/etc/nginx/conf.d
- ./nginx/data/vhost.d:/etc/nginx/vhost.d
- ./nginx/data/html:/usr/share/nginx/html
- /var/run/docker.sock:/tmp/docker.sock:ro
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt
restart: always
volumes:
- ./nginx/data/vhost.d:/etc/nginx/vhost.d
- ./nginx/data/certs:/etc/nginx/certs:rw
- ./nginx/data/html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
depends_on:
- nginx-proxy
volumes:
data:
DB_DATABASE=keycloak_db
DB_USER=keycloak_db_user
DB_PASSWORD="dF3d<Kv4(n'o%}C>"
KEYCLOAK_HOSTNAME=auth.clearauth.com
KEYCLOAK_HTTP_PORT=8080
KEYCLOAK_USER=admin
KEYCLOAK_PASSWORD="*t3{$TnN&,Jfg@z"
JDBC_PARAMS="ssl=false"
PROXY_ADDRESS_FORWARDING=true
VIRTUAL_HOST=auth.clearauth.com
VIRTUAL_PORT=8080
LETSENCRYPT_HOST=auth.clearauth.com
LETSENCRYPT_EMAIL=certs(a)clearauth.com
.env FILE (below):
DB_DATABASE=keycloak_db
DB_USER=keycloak_db_user
DB_PASSWORD="tops3cr3t"
KEYCLOAK_HOSTNAME=yourdomain.com
KEYCLOAK_HTTP_PORT=8080
KEYCLOAK_USER=admin
KEYCLOAK_PASSWORD="*tops3cr3t"
JDBC_PARAMS="ssl=false"
PROXY_ADDRESS_FORWARDING=true
VIRTUAL_HOST=auth.clearauth.com
VIRTUAL_PORT=8080
LETSENCRYPT_HOST=yourdomain.com
LETSENCRYPT_EMAIL=certs(a)yourdomain.com
-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
[mailto:keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>] On Behalf Of
Sinykk Skizm
Sent: Wednesday, Jul 16, 2019 7:53 PM
To: keycloak-user at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
Subject: [keycloak-user] Can only seem to use docker image 3.4.0.final
> /I'm trying to run keycloak in docker and for whatever reason, it just won't. Except if I use the 3.4.0.Final tag, then keycloak spins up without any issues.
>
> This is my docker compose for jboss/keycloak
> # KeyCloak - Open Source Identity and Access Management
> keycloak:
> image: jboss/keycloak
> container_name: keycloak
> restart: always
> hostname: keycloak
> ports:
> - "8282:8080"
> environment:
> - DB_VENDOR=POSTGRES
> - DB_ADDR=postgresdb
> - DB_DATABASE=keycloak
> - DB_PORT=54320
> - DB_USER=myuser
> - DB_SCHEMA=public
> - DB_PASSWORD=##mypassword$$
> - PROXY_ADDRESS_FORWARDING=true
> - KEYCLOAK_LOGLEVEL=INFO
> - KEYCLOAK_USER=admin
> - KEYCLOAK_PASSWORD=##mypassword##
> depends_on:
> - postgresdb
> command:
> - "-b 0.0.0.0"
> - "-Dkeycloak.profile.feature.docker=enabled"
> This is is what's produced in the docker-compose logs.
>
> keycloak | =========================================================================
> keycloak |
> keycloak | JBoss Bootstrap Environment
> keycloak |
> keycloak | JBOSS_HOME: /opt/jboss/keycloak
> keycloak |
> keycloak | JAVA: /usr/lib/jvm/java/bin/java
> keycloak |
> keycloak | JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
> keycloak |
> keycloak | =========================================================================
> keycloak |
> keycloak | 23:42:03,387 INFO [org.jboss.modules] (main) JBoss Modules version 1.9.0.Final
> keycloak | 23:42:03,769 INFO [org.jboss.msc] (main) JBoss MSC version 1.4.5.Final
> keycloak | 23:42:03,782 INFO [org.jboss.threads] (main) JBoss Threads version 2.3.3.Final
> keycloak | 23:42:03,918 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0049: Keycloak 6.0.1 (WildFly Core 8.0.0.Final) starting
> keycloak | 23:42:03,988 INFO [org.jboss.vfs] (MSC service thread 1-7) VFS000002: Failed to clean existing content for temp file provider of type temp. Enable DEBUG level log to find what caused this
> keycloak | 23:42:04,586 INFO [org.wildfly.security] (ServerService Thread Pool -- 19) ELY00001: WildFly Elytron version 1.8.0.Final
> keycloak | 23:42:05,261 INFO [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/core-service=management/management-interface=http-interface' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
> keycloak | 23:42:05,293 INFO [org.jboss.as.controller.management-deprecated] (ServerService Thread Pool -- 29) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/subsystem=undertow/server=default-server/https-listener=https' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
> keycloak | 23:42:05,435 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
> keycloak | 23:42:05,450 INFO [org.xnio] (MSC service thread 1-4) XNIO version 3.6.5.Final
> keycloak | 23:42:05,456 INFO [org.xnio.nio] (MSC service thread 1-4) XNIO NIO Implementation Version 3.6.5.Final
> keycloak | 23:42:05,498 INFO [org.wildfly.extension.io] (ServerService Thread Pool -- 39) WFLYIO001: Worker 'default' has auto-configured to 16 core threads with 128 task threads based on your 8 available processors
> keycloak | 23:42:05,501 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 38) WFLYCLINF0001: Activating Infinispan subsystem.
> keycloak | 23:42:05,507 INFO [org.jboss.as.clustering.jgroups] (ServerService Thread Pool -- 42) WFLYCLJG0001: Activating JGroups subsystem. JGroups version 4.0.18
> keycloak | 23:42:05,501 INFO [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 33) WFLYJCA0004: Deploying JDBC-compliant driver class org.h2.Driver (version 1.4)
> keycloak | 23:42:05,512 INFO [org.jboss.as.connector] (MSC service thread 1-3) WFLYJCA0009: Starting JCA Subsystem (WildFly/IronJacamar 1.4.12.Final)
> keycloak | 23:42:05,518 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-1) WFLYJCA0018: Started Driver service with driver-name = h2
> keycloak | 23:42:05,519 INFO [org.jboss.as.jaxrs] (ServerService Thread Pool -- 40) WFLYRS0016: RESTEasy version 3.6.3.Final
> keycloak | 23:42:05,536 INFO [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 33) WFLYJCA0005: Deploying non-JDBC-compliant driver class org.postgresql.Driver (version 42.2)
> keycloak | 23:42:05,550 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-6) WFLYJCA0018: Started Driver service with driver-name = postgresql
> keycloak | 23:42:05,565 INFO [org.jboss.remoting] (MSC service thread 1-4) JBoss Remoting version 5.0.8.Final
> keycloak | 23:42:05,588 INFO [org.wildfly.extension.microprofile.config.smallrye._private] (ServerService Thread Pool -- 47) WFLYCONF0001: Activating WildFly MicroProfile Config Subsystem
> keycloak | 23:42:05,607 WARN [org.jboss.as.txn] (ServerService Thread Pool -- 56) WFLYTX0013: The node-identifier attribute on the /subsystem=transactions is set to the default value. This is a danger for environments running multiple servers. Please make sure the attribute value is unique.
> keycloak | 23:42:05,615 INFO [org.wildfly.extension.microprofile.metrics.smallrye] (ServerService Thread Pool -- 49) WFLYMETRICS0001: Activating Eclipse MicroProfile Metrics Subsystem
> keycloak | 23:42:05,615 INFO [org.jboss.as.mail.extension] (MSC service thread 1-2) WFLYMAIL0002: Unbound mail session [java:jboss/mail/Default]
> keycloak | 23:42:05,618 INFO [org.wildfly.extension.microprofile.health.smallrye] (ServerService Thread Pool -- 48) WFLYHEALTH0001: Activating Eclipse MicroProfile Health Subsystem
> keycloak | 23:42:05,619 INFO [org.jboss.as.naming] (ServerService Thread Pool -- 51) WFLYNAM0001: Activating Naming Subsystem
> keycloak | 23:42:05,747 INFO [org.jboss.as.security] (ServerService Thread Pool -- 54) WFLYSEC0002: Activating Security Subsystem
> keycloak | 23:42:05,766 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0003: Undertow 2.0.19.Final starting
> keycloak | 23:42:05,767 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-5) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
> keycloak | 23:42:05,774 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-2) WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS]
> keycloak | 23:42:05,789 INFO [org.jboss.as.security] (MSC service thread 1-4) WFLYSEC0001: Current PicketBox version=5.0.3.Final
> keycloak | 23:42:05,803 INFO [io.smallrye.metrics] (MSC service thread 1-6) Converted [2] config entries and added [4] replacements
> keycloak | 23:42:05,810 INFO [io.smallrye.metrics] (MSC service thread 1-6) Converted [3] config entries and added [14] replacements
> keycloak | 23:42:05,832 INFO [org.jboss.as.naming] (MSC service thread 1-2) WFLYNAM0003: Starting Naming Service
> keycloak | 23:42:05,841 INFO [org.jboss.as.mail.extension] (MSC service thread 1-4) WFLYMAIL0001: Bound mail session [java:jboss/mail/Default]
> keycloak | 23:42:05,858 INFO [org.jboss.as.ejb3] (MSC service thread 1-8) WFLYEJB0481: Strict pool slsb-strict-max-pool is using a max instance size of 128 (per class), which is derived from thread worker pool sizing.
> keycloak | 23:42:05,860 INFO [org.jboss.as.ejb3] (MSC service thread 1-7) WFLYEJB0482: Strict pool mdb-strict-max-pool is using a max instance size of 32 (per class), which is derived from the number of CPUs on this host.
> keycloak | 23:42:05,924 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 57) WFLYUT0014: Creating file handler for path '/opt/jboss/keycloak/welcome-content' with options [directory-listing: 'false', follow-symlink: 'false', case-sensitive: 'true', safe-symlink-paths: '[]']
> keycloak | 23:42:05,934 INFO [org.wildfly.extension.undertow] (MSC service thread 1-6) WFLYUT0012: Started server default-server.
> keycloak | 23:42:05,953 INFO [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0018: Host default-host starting
> keycloak | 23:42:05,987 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0006: Undertow HTTP listener default listening on 0.0.0.0:8080
> keycloak | 23:42:05,987 INFO [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0006: Undertow AJP listener ajp listening on 0.0.0.0:8009
> keycloak | 23:42:06,002 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 58) MODCLUSTER000001: Initializing mod_cluster version 1.4.0.Final
> keycloak | 23:42:06,018 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 58) MODCLUSTER000032: Listening to proxy advertisements on /224.0.1.105:23364
> keycloak | 23:42:06,078 INFO [org.jboss.as.patching] (MSC service thread 1-5) WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches include: none
> keycloak | 23:42:06,091 INFO [org.jboss.as.ejb3] (MSC service thread 1-3) WFLYEJB0493: EJB subsystem suspension complete
> keycloak | 23:42:06,096 WARN [org.jboss.as.domain.management.security] (MSC service thread 1-8) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
> keycloak | 23:42:06,108 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread 1-4) WFLYDS0013: Started FileSystemDeploymentService for directory /opt/jboss/keycloak/standalone/deployments
> keycloak | 23:42:06,119 INFO [org.jboss.as.server.deployment] (MSC service thread 1-7) WFLYSRV0027: Starting deployment of "keycloak-server.war" (runtime-name: "keycloak-server.war")
> keycloak | 23:42:06,171 INFO [org.wildfly.extension.undertow] (MSC service thread 1-8) WFLYUT0006: Undertow HTTPS listener https listening on 0.0.0.0:8443
> keycloak | 23:42:06,177 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-2) WFLYJCA0001: Bound data source [java:jboss/datasources/ExampleDS]
> keycloak | 23:42:06,178 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-7) WFLYJCA0001: Bound data source [java:jboss/datasources/KeycloakDS]
> keycloak | 23:42:06,344 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) WFLYSRV0018: Deployment "deployment.keycloak-server.war" is using a private module ("org.kie") which may be changed or removed in future versions without notice.
> keycloak | 23:42:06,631 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the send buffer of socket ManagedMulticastSocketBinding was set to 1.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max send buffer in the OS correctly (e.g. net.core.wmem_max on Linux)
> keycloak | 23:42:06,632 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the receive buffer of socket ManagedMulticastSocketBinding was set to 20.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max receive buffer in the OS correctly (e.g. net.core.rmem_max on Linux)
> keycloak | 23:42:06,632 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the send buffer of socket ManagedMulticastSocketBinding was set to 1.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max send buffer in the OS correctly (e.g. net.core.wmem_max on Linux)
> keycloak | 23:42:06,632 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the receive buffer of socket ManagedMulticastSocketBinding was set to 25.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max receive buffer in the OS correctly (e.g. net.core.rmem_max on Linux)
> keycloak | 23:42:09,641 INFO [org.jgroups.protocols.pbcast.GMS] (ServerService Thread Pool -- 58) keycloak: no members discovered after 3003 ms: creating cluster as first member
> keycloak | 23:42:09,939 INFO [org.infinispan.factories.GlobalComponentRegistry] (MSC service thread 1-7) ISPN000128: Infinispan version: Infinispan 'Infinity Minus ONE +2' 9.4.8.Final
> keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000078: Starting JGroups channel ejb
> keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000078: Starting JGroups channel ejb
> keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-5) ISPN000078: Starting JGroups channel ejb
> keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-6) ISPN000078: Starting JGroups channel ejb
> keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-7) ISPN000078: Starting JGroups channel ejb
> keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-4) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
> keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-6) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
> keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-5) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
> keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-7) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
> keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-1) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
> keycloak | 23:42:10,132 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
> keycloak | 23:42:10,132 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-6) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
> keycloak | 23:42:10,133 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
> keycloak | 23:42:10,132 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-7) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
> keycloak | 23:42:10,134 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-5) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
> keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 58) WFLYCLINF0002: Started users cache from keycloak container
> keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 61) WFLYCLINF0002: Started realms cache from keycloak container
> keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 65) WFLYCLINF0002: Started authorization cache from keycloak container
> keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 68) WFLYCLINF0002: Started keys cache from keycloak container
> keycloak | 23:42:10,666 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 69) WFLYCLINF0002: Started offlineSessions cache from keycloak container
> keycloak | 23:42:10,666 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0002: Started authenticationSessions cache from keycloak container
> keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 63) WFLYCLINF0002: Started clientSessions cache from keycloak container
> keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 67) WFLYCLINF0002: Started actionTokens cache from keycloak container
> keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0002: Started offlineClientSessions cache from keycloak container
> keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 59) WFLYCLINF0002: Started sessions cache from keycloak container
> keycloak | 23:42:10,669 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 70) WFLYCLINF0002: Started client-mappings cache from ejb container
> keycloak | 23:42:10,669 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 66) WFLYCLINF0002: Started work cache from keycloak container
> keycloak | 23:42:10,670 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started loginFailures cache from keycloak container
> keycloak | 23:42:10,798 WARN [org.jboss.as.server.deployment] (MSC service thread 1-6) WFLYSRV0273: Excluded subsystem weld via jboss-deployment-structure.xml does not exist.
> keycloak | 23:42:10,798 WARN [org.jboss.as.server.deployment] (MSC service thread 1-6) WFLYSRV0273: Excluded subsystem webservices via jboss-deployment-structure.xml does not exist.
> keycloak | 23:42:11,300 INFO [org.keycloak.services] (ServerService Thread Pool -- 60) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
> keycloak | 23:42:11,612 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started realmRevisions cache from keycloak container
> keycloak | 23:42:11,617 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started userRevisions cache from keycloak container
> keycloak | 23:42:11,622 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started authorizationRevisions cache from keycloak container
> keycloak | 23:42:11,623 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (ServerService Thread Pool -- 60) Node name: keycloak, Site name: null
> keycloak | 23:42:11,952 WARN [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (ServerService Thread Pool -- 60) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: IJ031084: Unable to create connection
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1325)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
> keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
> keycloak | at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440)
> keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
> keycloak | at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
> keycloak | at org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
> keycloak | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:376)
> keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
> keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda$waitForLock$0(LiquibaseDBLockProvider.java:97)
> keycloak | at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:678)
> keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
> keycloak | at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:144)
> keycloak | at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
> keycloak | at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:137)
> keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> keycloak | at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> keycloak | at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> keycloak | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:152)
> keycloak | at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2750)
> keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:364)
> keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:277)
> keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:89)
> keycloak | at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
> keycloak | at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
> keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
> keycloak | at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
> keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
> keycloak | at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:303)
> keycloak | at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:143)
> keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:583)
> keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:554)
> keycloak | at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
> keycloak | at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> keycloak | at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:596)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
> keycloak | at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> keycloak | at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> keycloak | at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
> keycloak | at java.lang.Thread.run(Thread.java:748)
> keycloak | at org.jboss.threads.JBossThread.run(JBossThread.java:485)
> keycloak | Caused by: org.postgresql.util.PSQLException: The connection attempt failed.
> keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:292)
> keycloak | at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
> keycloak | at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
> keycloak | at org.postgresql.Driver.makeConnection(Driver.java:454)
> keycloak | at org.postgresql.Driver.connect(Driver.java:256)
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
> keycloak | ... 55 more
> keycloak | Caused by: java.net.UnknownHostException: postgresdb
> keycloak | at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184)
> keycloak | at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
> keycloak | at java.net.Socket.connect(Socket.java:589)
> keycloak | at org.postgresql.core.PGStream.<init>(PGStream.java:70)
> keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:91)
> keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
> keycloak | ... 60 more
> keycloak |
> keycloak | 23:42:11,960 INFO [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server shutdown has been requested via an OS signal
> keycloak | 23:42:11,971 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 60) MSC000001: Failed to start service jboss.deployment.unit."keycloak-server.war".undertow-deployment: org.jboss.msc.service.StartException in service jboss.deployment.unit."keycloak-server.war".undertow-deployment: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
> keycloak | at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> keycloak | at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> keycloak | at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
> keycloak | at java.lang.Thread.run(Thread.java:748)
> keycloak | at org.jboss.threads.JBossThread.run(JBossThread.java:485)
> keycloak | Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
> keycloak | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:164)
> keycloak | at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2750)
> keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:364)
> keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:277)
> keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:89)
> keycloak | at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
> keycloak | at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
> keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
> keycloak | at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
> keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
> keycloak | at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:303)
> keycloak | at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:143)
> keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:583)
> keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:554)
> keycloak | at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
> keycloak | at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> keycloak | at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
> keycloak | at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:596)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
> keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
> keycloak | ... 8 more
> keycloak | Caused by: java.lang.RuntimeException: Failed to connect to database
> keycloak | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:382)
> keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
> keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda$waitForLock$0(LiquibaseDBLockProvider.java:97)
> keycloak | at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:678)
> keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
> keycloak | at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:144)
> keycloak | at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
> keycloak | at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:137)
> keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> keycloak | at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> keycloak | at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> keycloak | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:152)
> keycloak | ... 31 more
> keycloak | Caused by: java.sql.SQLException: javax.resource.ResourceException: IJ000453: Unable to get managed connection for java:jboss/datasources/KeycloakDS
> keycloak | at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:146)
> keycloak | at org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
> keycloak | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:376)
> keycloak | ... 43 more
> keycloak | Caused by: javax.resource.ResourceException: IJ000453: Unable to get managed connection for java:jboss/datasources/KeycloakDS
> keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:690)
> keycloak | at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440)
> keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
> keycloak | at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
> keycloak | ... 45 more
> keycloak | Caused by: javax.resource.ResourceException: IJ031084: Unable to create connection
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1325)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
> keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
> keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
> keycloak | ... 48 more
> keycloak | Caused by: org.postgresql.util.PSQLException: The connection attempt failed.
> keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:292)
> keycloak | at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
> keycloak | at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
> keycloak | at org.postgresql.Driver.makeConnection(Driver.java:454)
> keycloak | at org.postgresql.Driver.connect(Driver.java:256)
> keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
> keycloak | ... 55 more
> keycloak | Caused by: java.net.UnknownHostException: postgresdb
> keycloak | at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184)
> keycloak | at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
> keycloak | at java.net.Socket.connect(Socket.java:589)
> keycloak | at org.postgresql.core.PGStream.<init>(PGStream.java:70)
> keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:91)
> keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
> keycloak | ... 60 more
> keycloak |
> keycloak | 23:42:11,996 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-8) WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS]
> keycloak | 23:42:11,998 INFO [org.jboss.as.mail.extension] (MSC service thread 1-7) WFLYMAIL0002: Unbound mail session [java:jboss/mail/Default]
> keycloak | 23:42:11,998 INFO [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0008: Undertow HTTPS listener https suspending
> keycloak | 23:42:12,002 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-3) ISPN000080: Disconnecting JGroups channel ejb
> keycloak | 23:42:12,003 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000080: Disconnecting JGroups channel ejb
> keycloak | 23:42:12,005 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000080: Disconnecting JGroups channel ejb
> keycloak | 23:42:12,009 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-1) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
> keycloak | 23:42:12,010 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 70) MODCLUSTER000002: Initiating mod_cluster shutdown
> keycloak | 23:42:12,010 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0008: Undertow AJP listener ajp suspending
> keycloak | 23:42:12,012 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-3) WFLYJCA0019: Stopped Driver service with driver-name = postgresql
> keycloak | 23:42:12,012 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-1) WFLYJCA0019: Stopped Driver service with driver-name = h2
> keycloak | 23:42:12,016 INFO [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0007: Undertow HTTPS listener https stopped, was bound to 0.0.0.0:8443
> keycloak | 23:42:12,016 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0007: Undertow AJP listener ajp stopped, was bound to 0.0.0.0:8009
> keycloak | 23:42:12,022 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0008: Undertow HTTP listener default suspending
> keycloak | 23:42:12,025 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0007: Undertow HTTP listener default stopped, was bound to 0.0.0.0:8080
> keycloak | 23:42:12,029 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 66) WFLYCLINF0003: Stopped client-mappings cache from ejb container
> keycloak | 23:42:12,031 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000080: Disconnecting JGroups channel ejb
> keycloak | 23:42:12,034 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0019: Host default-host stopping
> keycloak | 23:42:12,035 INFO [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0004: Undertow 2.0.19.Final stopping
> keycloak | 23:42:12,040 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0003: Stopped keys cache from keycloak container
> keycloak | 23:42:12,040 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0003: Stopped authorization cache from keycloak container
> keycloak | 23:42:12,043 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0003: Stopped users cache from keycloak container
> keycloak | 23:42:12,046 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 61) WFLYCLINF0003: Stopped realms cache from keycloak container
> keycloak | 23:42:12,046 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 59) WFLYCLINF0003: Stopped work cache from keycloak container
> keycloak | 23:42:12,049 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0003: Stopped offlineSessions cache from keycloak container
> keycloak | 23:42:12,051 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 70) WFLYCLINF0003: Stopped authenticationSessions cache from keycloak container
> keycloak | 23:42:12,051 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 66) WFLYCLINF0003: Stopped clientSessions cache from keycloak container
> keycloak | 23:42:12,053 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0003: Stopped offlineClientSessions cache from keycloak container
> keycloak | 23:42:12,054 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 63) WFLYCLINF0003: Stopped loginFailures cache from keycloak container
> keycloak | 23:42:12,055 INFO [org.jboss.as.server.deployment] (MSC service thread 1-5) WFLYSRV0028: Stopped deployment keycloak-server.war (runtime-name: keycloak-server.war) in 90ms
> keycloak | 23:42:12,055 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 69) WFLYCLINF0003: Stopped actionTokens cache from keycloak container
> keycloak | 23:42:12,055 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 67) WFLYCLINF0003: Stopped sessions cache from keycloak container
> keycloak | 23:42:12,067 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-3) ISPN000080: Disconnecting JGroups channel ejb
> keycloak | 23:42:12,078 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("subsystem" => "microprofile-metrics-smallrye")]): java.lang.NullPointerException
> keycloak | at org.wildfly.extension.microprofile.metrics.MicroProfileMetricsSubsystemAdd$2.execute(MicroProfileMetricsSubsystemAdd.java:86)
> keycloak | at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:999)
> keycloak | at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:743)
> keycloak | at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:467)
> keycloak | at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1412)
> keycloak | at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:521)
> keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:472)
> keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:434)
> keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:435)
> keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:394)
> keycloak | at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:374)
> keycloak | at java.lang.Thread.run(Thread.java:748)
> keycloak |
> keycloak | 23:42:12,080 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0190: Step handler org.jboss.as.server.DeployerChainAddHandler$FinalRuntimeStepHandler at 219052d3 for operation add-deployer-chains at address [] failed handling operation rollback -- java.util.concurrent.RejectedExecutionException: java.util.concurrent.RejectedExecutionException
> keycloak | at org.jboss.threads.RejectingExecutor.execute(RejectingExecutor.java:37)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor.rejectShutdown(EnhancedQueueExecutor.java:2026)
> keycloak | at org.jboss.threads.EnhancedQueueExecutor.execute(EnhancedQueueExecutor.java:757)
> keycloak | at org.jboss.as.controller.notification.NotificationSupports$NonBlockingNotificationSupport.emit(NotificationSupports.java:95)
> keycloak | at org.jboss.as.controller.OperationContextImpl.notifyModificationBegun(OperationContextImpl.java:876)
> keycloak | at org.jboss.as.controller.OperationContextImpl.ensureWriteLockForRuntime(OperationContextImpl.java:865)
> keycloak | at org.jboss.as.controller.OperationContextImpl.removeService(OperationContextImpl.java:638)
> keycloak | at org.jboss.as.server.DeployerChainAddHandler$FinalRuntimeStepHandler$1.handleRollback(DeployerChainAddHandler.java:135)
> keycloak | at org.jboss.as.controller.AbstractOperationContext$RollbackDelegatingResultHandler.handleResult(AbstractOperationContext.java:1561)
> keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.invokeResultHandler(AbstractOperationContext.java:1533)
> keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.handleResult(AbstractOperationContext.java:1515)
> keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.finalizeInternal(AbstractOperationContext.java:1472)
> keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.finalizeStep(AbstractOperationContext.java:1455)
> keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.access$400(AbstractOperationContext.java:1319)
> keycloak | at org.jboss.as.controller.AbstractOperationContext.executeResultHandlerPhase(AbstractOperationContext.java:876)
> keycloak | at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:756)
> keycloak | at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:467)
> keycloak | at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1412)
> keycloak | at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:521)
> keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:472)
> keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:434)
> keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:435)
> keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:394)
> keycloak | at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:374)
> keycloak | at java.lang.Thread.run(Thread.java:748)
> keycloak | Suppressed: java.util.concurrent.RejectedExecutionException: Executor is being shut down
> keycloak | at org.jboss.threads.EnhancedQueueExecutor.rejectShutdown(EnhancedQueueExecutor.java:2028)
> keycloak | ... 23 more
> keycloak |
> keycloak | 23:42:12,080 ERROR [org.jboss.as.controller.client] (Controller Boot Thread) WFLYCTL0190: Step handler org.jboss.as.server.DeployerChainAddHandler$FinalRuntimeStepHandler at 219052d3 for operation add-deployer-chains at address [] failed handling operation rollback -- java.util.concurrent.RejectedExecutionException
> keycloak | keycloak exited with code 1
4 years, 9 months
- 1
- 0
SAML Attributes using a general Attribute Importer doesn't work with specific IDP
by Kevin Kaminski
Hello 😊
I am writing the first time to this list so I hope I am doing everything correctly.
But here’s what I need help with:
Fits of all, we are using Keycloak version 5.0.0. in our company.
I am trying a little bit around with the “Attribute Importer” in Keycloak, because I want to receive all SAML Attributes that get delivered via the Identity Providers SAML response, listed in one and the same attribute. And that works actually after I configured the Mapper Type “Attribute Importer”. I can see in Keycloak in my user account > Attributes that all of the Attributes are imported (such as groups, name, first name, mail address) and the will be listed in one grouped attribute (not sure if there is another official name for it)
The way I configured the mapper is:
* Name: saml_attributes
* Mapper Typ: Attribute Importer
* Attribute Name: empty
* Friendly Name: empty
* User Attribute Name: saml_attributes
Now I configured a customer IDP (it’s called JOSSO) and I did the exact same configuration of the Attribute Importer. However, Keycloak could not import all SAML attributes.
After investigation I could see the structure of the SAML response is different between both IDPs:
The one that works (ADFS) looks like this:
<AttributeStatement>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
<AttributeValue>kevin.kaminski(a)movingimage.com</AttributeValue<mailto:kevin.kaminski@movingimage.com%3c/AttributeValue>>
The one the importer doesn’t work:
<saml:Attribute FriendlyName="MA_EMAIL" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="MA_EMAIL">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Is it possible that “saml:” is the reason Keycloak can’t properly import it?
Note: In general the “Attribute Importer” works if I configure dedicated mapper for mail, name, etc. I specify these mappers with a Friendly Name.
But this “grouped” import, doesn’t work.
I hope I could make clear what my problem is and I hope that someone is able to help.
Many thanks in advance,
Kevin
Kevin Kaminski
IT- Projektmanager
movingimage EVP GmbH
Stralauer Allee 7 | 10245 Berlin – Germany
Tel: +49 (0)30.330 9660.330
Fax: +49 (0)30.330 9660.99
www.movingimage.com<http://www.movingimage.com/>
Berlin | Tokyo | San Francisco | New York
Limited liability company based in Berlin
District court Berlin-Charlottenburg | HRB 94436 B
Managing directors: Dr. Rainer Zugehör, Erdal Ahlatci
Board of directors: Daniel Wild, Felix Artmann, Jörg Binnenbrücker, Tim Kindt,
Dr. Dirk Schmücking, Russell Zack
[http://www.movingimage.com/wp-content/uploads/sites/2/2019/06/mi_email-ba...]<https://www.movingimage.com/lp/advancedsubtitles/>
4 years, 9 months
- 2
- 3
Gatekeeper container automatically adds /* uri resource?
by Nick Powers
Bob,
Thanks for your quick response. I tried the following but it still doesn't work
resources:
- uri: /protected/*
- uri: /*
white-listed: true
Now I get the following error message:
[error] you've asked for a default denial but whitelisted everything
Apparently it doesn't like me marking /* as white-listed. I tried
reversing it and marking /protected/* as white-listed and that worked
but I am trying to do the reverse of that. I want /* to not require
auth, so I can tell people about the site, etc, and provide a link to
the authenticated (login) area in /protected/*
Thanks - Nick
-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
[mailto:keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>] On Behalf Of
Bob Sheknowdas
Sent: Wednesday, Jul 17, 2019 2:08 AM
To: keycloak-user at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
Subject: [keycloak-user] Gatekeeper container automatically adds /*
uri resource?
> Hi,
>
> try using White-listed URL's
>
> resources:
> - uri: /some_white_listed_url
> white-listed: true
> - uri: /*
> methods:
> - GET
> roles:
> - <CLIENT_APP_NAME>:<ROLE_NAME>
> - <CLIENT_APP_NAME>:<ROLE_NAME>
>
> My Source:
> https://github.com/jangaraj/keycloak-proxy/blob/master/README.md
>
> Best
> Bob
-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
[mailto:keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>] On Behalf Of
Nick Powersia
Sent: Tuesday, July 16, 2019 7:55 PM
To: keycloak-user at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
Subject: [keycloak-user] Gatekeeper container automatically adds /*
uri resource?
>* Hello,
*>>* Below is a snip from my Gatekeeper configuration, related to resources. I
*>* only have /protected/* listed as a uri resource but loading the index at /
*>* still initiates a login. I see from the logs (see below) that both
*>* /protected/* and /* are being protected. How do I make it so only
*>* /protected/* is a protected resource and the main /* of my site doesn't
*>* require authentication?
*>>* I was able to HACK (see below) it so that /* was only authenticated for a
*>* single method (DELETE) by defining /* as a uri resource with just DELETE
*>* listed under methods: but I would rather have a solution that works for all
*>* methods. Is anyone aware of a way to tell gatekeeper not to authenticate
*>* for /* and only do so for /protected/*?
*>>* Thanks in advance! :) - Nick
*>>* SNIP from my gatekeeper configuration:
*>>* resources:
*>* - uri: /protected/*
*>>* LOGS showing both /protected:
*>>* gatekeeper | {"level":"info","ts":1563319972.1478412,"msg":"protecting
*>* resource","resource":"uri: /protected/*, methods:
*>* DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
*>* only"}
*>* gatekeeper | {"level":"info","ts":1563319972.1482553,"msg":"protecting
*>* resource","resource":"uri: /*, methods:
*>* DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
*>* only"}
*>>* My HACK config:
*>>* resources:
*>* - uri: /protected/*
*>* - uri: /*
*>* methods:
*>* - DELETE*
4 years, 9 months
- 1
- 0
Re: [keycloak-user] Gatekeeper container automatically adds /* uri resource?
by bob sheknowdas
Hi,
try using White-listed URL's
resources:
- uri: /some_white_listed_url
white-listed: true
- uri: /*
methods:
- GET
roles:
- <CLIENT_APP_NAME>:<ROLE_NAME>
- <CLIENT_APP_NAME>:<ROLE_NAME>
My Source:
https://github.com/jangaraj/keycloak-proxy/blob/master/README.md
Best
Bob
-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
[mailto:keycloak-user-bounces at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>] On Behalf Of
Nick Powersia
Sent: Tuesday, July 16, 2019 7:55 PM
To: keycloak-user at lists.jboss.org
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
Subject: [keycloak-user] Gatekeeper container automatically adds /*
uri resource?
> Hello,
>
> Below is a snip from my Gatekeeper configuration, related to resources. I
> only have /protected/* listed as a uri resource but loading the index at /
> still initiates a login. I see from the logs (see below) that both
> /protected/* and /* are being protected. How do I make it so only
> /protected/* is a protected resource and the main /* of my site doesn't
> require authentication?
>
> I was able to HACK (see below) it so that /* was only authenticated for a
> single method (DELETE) by defining /* as a uri resource with just DELETE
> listed under methods: but I would rather have a solution that works for all
> methods. Is anyone aware of a way to tell gatekeeper not to authenticate
> for /* and only do so for /protected/*?
>
> Thanks in advance! :) - Nick
>
> SNIP from my gatekeeper configuration:
>
> resources:
> - uri: /protected/*
>
> LOGS showing both /protected:
>
> gatekeeper | {"level":"info","ts":1563319972.1478412,"msg":"protecting
> resource","resource":"uri: /protected/*, methods:
> DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
> only"}
> gatekeeper | {"level":"info","ts":1563319972.1482553,"msg":"protecting
> resource","resource":"uri: /*, methods:
> DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
> only"}
>
> My HACK config:
>
> resources:
> - uri: /protected/*
> - uri: /*
> methods:
> - DELETE
4 years, 9 months
- 1
- 0
Gatekeeper container automatically adds /* uri resource?
by Nick Powers
Hello,
Below is a snip from my Gatekeeper configuration, related to resources. I
only have /protected/* listed as a uri resource but loading the index at /
still initiates a login. I see from the logs (see below) that both
/protected/* and /* are being protected. How do I make it so only
/protected/* is a protected resource and the main /* of my site doesn't
require authentication?
I was able to HACK (see below) it so that /* was only authenticated for a
single method (DELETE) by defining /* as a uri resource with just DELETE
listed under methods: but I would rather have a solution that works for all
methods. Is anyone aware of a way to tell gatekeeper not to authenticate
for /* and only do so for /protected/*?
Thanks in advance! :) - Nick
SNIP from my gatekeeper configuration:
resources:
- uri: /protected/*
LOGS showing both /protected:
gatekeeper | {"level":"info","ts":1563319972.1478412,"msg":"protecting
resource","resource":"uri: /protected/*, methods:
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
only"}
gatekeeper | {"level":"info","ts":1563319972.1482553,"msg":"protecting
resource","resource":"uri: /*, methods:
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: authentication
only"}
My HACK config:
resources:
- uri: /protected/*
- uri: /*
methods:
- DELETE
4 years, 9 months
- 1
- 0
Can only seem to use docker image 3.4.0.final
by Sinykk Skizm
I'm trying to run keycloak in docker and for whatever reason, it just won't. Except if I use the 3.4.0.Final tag, then keycloak spins up without any issues.
This is my docker compose for jboss/keycloak
# KeyCloak - Open Source Identity and Access Management
keycloak:
image: jboss/keycloak
container_name: keycloak
restart: always
hostname: keycloak
ports:
- "8282:8080"
environment:
- DB_VENDOR=POSTGRES
- DB_ADDR=postgresdb
- DB_DATABASE=keycloak
- DB_PORT=54320
- DB_USER=myuser
- DB_SCHEMA=public
- DB_PASSWORD=##mypassword$$
- PROXY_ADDRESS_FORWARDING=true
- KEYCLOAK_LOGLEVEL=INFO
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=##mypassword##
depends_on:
- postgresdb
command:
- "-b 0.0.0.0"
- "-Dkeycloak.profile.feature.docker=enabled"
This is is what's produced in the docker-compose logs.
keycloak | =========================================================================
keycloak |
keycloak | JBoss Bootstrap Environment
keycloak |
keycloak | JBOSS_HOME: /opt/jboss/keycloak
keycloak |
keycloak | JAVA: /usr/lib/jvm/java/bin/java
keycloak |
keycloak | JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
keycloak |
keycloak | =========================================================================
keycloak |
keycloak | 23:42:03,387 INFO [org.jboss.modules] (main) JBoss Modules version 1.9.0.Final
keycloak | 23:42:03,769 INFO [org.jboss.msc] (main) JBoss MSC version 1.4.5.Final
keycloak | 23:42:03,782 INFO [org.jboss.threads] (main) JBoss Threads version 2.3.3.Final
keycloak | 23:42:03,918 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0049: Keycloak 6.0.1 (WildFly Core 8.0.0.Final) starting
keycloak | 23:42:03,988 INFO [org.jboss.vfs] (MSC service thread 1-7) VFS000002: Failed to clean existing content for temp file provider of type temp. Enable DEBUG level log to find what caused this
keycloak | 23:42:04,586 INFO [org.wildfly.security] (ServerService Thread Pool -- 19) ELY00001: WildFly Elytron version 1.8.0.Final
keycloak | 23:42:05,261 INFO [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/core-service=management/management-interface=http-interface' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
keycloak | 23:42:05,293 INFO [org.jboss.as.controller.management-deprecated] (ServerService Thread Pool -- 29) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/subsystem=undertow/server=default-server/https-listener=https' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
keycloak | 23:42:05,435 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
keycloak | 23:42:05,450 INFO [org.xnio] (MSC service thread 1-4) XNIO version 3.6.5.Final
keycloak | 23:42:05,456 INFO [org.xnio.nio] (MSC service thread 1-4) XNIO NIO Implementation Version 3.6.5.Final
keycloak | 23:42:05,498 INFO [org.wildfly.extension.io] (ServerService Thread Pool -- 39) WFLYIO001: Worker 'default' has auto-configured to 16 core threads with 128 task threads based on your 8 available processors
keycloak | 23:42:05,501 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 38) WFLYCLINF0001: Activating Infinispan subsystem.
keycloak | 23:42:05,507 INFO [org.jboss.as.clustering.jgroups] (ServerService Thread Pool -- 42) WFLYCLJG0001: Activating JGroups subsystem. JGroups version 4.0.18
keycloak | 23:42:05,501 INFO [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 33) WFLYJCA0004: Deploying JDBC-compliant driver class org.h2.Driver (version 1.4)
keycloak | 23:42:05,512 INFO [org.jboss.as.connector] (MSC service thread 1-3) WFLYJCA0009: Starting JCA Subsystem (WildFly/IronJacamar 1.4.12.Final)
keycloak | 23:42:05,518 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-1) WFLYJCA0018: Started Driver service with driver-name = h2
keycloak | 23:42:05,519 INFO [org.jboss.as.jaxrs] (ServerService Thread Pool -- 40) WFLYRS0016: RESTEasy version 3.6.3.Final
keycloak | 23:42:05,536 INFO [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 33) WFLYJCA0005: Deploying non-JDBC-compliant driver class org.postgresql.Driver (version 42.2)
keycloak | 23:42:05,550 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-6) WFLYJCA0018: Started Driver service with driver-name = postgresql
keycloak | 23:42:05,565 INFO [org.jboss.remoting] (MSC service thread 1-4) JBoss Remoting version 5.0.8.Final
keycloak | 23:42:05,588 INFO [org.wildfly.extension.microprofile.config.smallrye._private] (ServerService Thread Pool -- 47) WFLYCONF0001: Activating WildFly MicroProfile Config Subsystem
keycloak | 23:42:05,607 WARN [org.jboss.as.txn] (ServerService Thread Pool -- 56) WFLYTX0013: The node-identifier attribute on the /subsystem=transactions is set to the default value. This is a danger for environments running multiple servers. Please make sure the attribute value is unique.
keycloak | 23:42:05,615 INFO [org.wildfly.extension.microprofile.metrics.smallrye] (ServerService Thread Pool -- 49) WFLYMETRICS0001: Activating Eclipse MicroProfile Metrics Subsystem
keycloak | 23:42:05,615 INFO [org.jboss.as.mail.extension] (MSC service thread 1-2) WFLYMAIL0002: Unbound mail session [java:jboss/mail/Default]
keycloak | 23:42:05,618 INFO [org.wildfly.extension.microprofile.health.smallrye] (ServerService Thread Pool -- 48) WFLYHEALTH0001: Activating Eclipse MicroProfile Health Subsystem
keycloak | 23:42:05,619 INFO [org.jboss.as.naming] (ServerService Thread Pool -- 51) WFLYNAM0001: Activating Naming Subsystem
keycloak | 23:42:05,747 INFO [org.jboss.as.security] (ServerService Thread Pool -- 54) WFLYSEC0002: Activating Security Subsystem
keycloak | 23:42:05,766 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0003: Undertow 2.0.19.Final starting
keycloak | 23:42:05,767 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-5) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
keycloak | 23:42:05,774 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-2) WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS]
keycloak | 23:42:05,789 INFO [org.jboss.as.security] (MSC service thread 1-4) WFLYSEC0001: Current PicketBox version=5.0.3.Final
keycloak | 23:42:05,803 INFO [io.smallrye.metrics] (MSC service thread 1-6) Converted [2] config entries and added [4] replacements
keycloak | 23:42:05,810 INFO [io.smallrye.metrics] (MSC service thread 1-6) Converted [3] config entries and added [14] replacements
keycloak | 23:42:05,832 INFO [org.jboss.as.naming] (MSC service thread 1-2) WFLYNAM0003: Starting Naming Service
keycloak | 23:42:05,841 INFO [org.jboss.as.mail.extension] (MSC service thread 1-4) WFLYMAIL0001: Bound mail session [java:jboss/mail/Default]
keycloak | 23:42:05,858 INFO [org.jboss.as.ejb3] (MSC service thread 1-8) WFLYEJB0481: Strict pool slsb-strict-max-pool is using a max instance size of 128 (per class), which is derived from thread worker pool sizing.
keycloak | 23:42:05,860 INFO [org.jboss.as.ejb3] (MSC service thread 1-7) WFLYEJB0482: Strict pool mdb-strict-max-pool is using a max instance size of 32 (per class), which is derived from the number of CPUs on this host.
keycloak | 23:42:05,924 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 57) WFLYUT0014: Creating file handler for path '/opt/jboss/keycloak/welcome-content' with options [directory-listing: 'false', follow-symlink: 'false', case-sensitive: 'true', safe-symlink-paths: '[]']
keycloak | 23:42:05,934 INFO [org.wildfly.extension.undertow] (MSC service thread 1-6) WFLYUT0012: Started server default-server.
keycloak | 23:42:05,953 INFO [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0018: Host default-host starting
keycloak | 23:42:05,987 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0006: Undertow HTTP listener default listening on 0.0.0.0:8080
keycloak | 23:42:05,987 INFO [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0006: Undertow AJP listener ajp listening on 0.0.0.0:8009
keycloak | 23:42:06,002 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 58) MODCLUSTER000001: Initializing mod_cluster version 1.4.0.Final
keycloak | 23:42:06,018 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 58) MODCLUSTER000032: Listening to proxy advertisements on /224.0.1.105:23364
keycloak | 23:42:06,078 INFO [org.jboss.as.patching] (MSC service thread 1-5) WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches include: none
keycloak | 23:42:06,091 INFO [org.jboss.as.ejb3] (MSC service thread 1-3) WFLYEJB0493: EJB subsystem suspension complete
keycloak | 23:42:06,096 WARN [org.jboss.as.domain.management.security] (MSC service thread 1-8) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
keycloak | 23:42:06,108 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread 1-4) WFLYDS0013: Started FileSystemDeploymentService for directory /opt/jboss/keycloak/standalone/deployments
keycloak | 23:42:06,119 INFO [org.jboss.as.server.deployment] (MSC service thread 1-7) WFLYSRV0027: Starting deployment of "keycloak-server.war" (runtime-name: "keycloak-server.war")
keycloak | 23:42:06,171 INFO [org.wildfly.extension.undertow] (MSC service thread 1-8) WFLYUT0006: Undertow HTTPS listener https listening on 0.0.0.0:8443
keycloak | 23:42:06,177 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-2) WFLYJCA0001: Bound data source [java:jboss/datasources/ExampleDS]
keycloak | 23:42:06,178 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-7) WFLYJCA0001: Bound data source [java:jboss/datasources/KeycloakDS]
keycloak | 23:42:06,344 WARN [org.jboss.as.dependency.private] (MSC service thread 1-1) WFLYSRV0018: Deployment "deployment.keycloak-server.war" is using a private module ("org.kie") which may be changed or removed in future versions without notice.
keycloak | 23:42:06,631 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the send buffer of socket ManagedMulticastSocketBinding was set to 1.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max send buffer in the OS correctly (e.g. net.core.wmem_max on Linux)
keycloak | 23:42:06,632 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the receive buffer of socket ManagedMulticastSocketBinding was set to 20.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max receive buffer in the OS correctly (e.g. net.core.rmem_max on Linux)
keycloak | 23:42:06,632 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the send buffer of socket ManagedMulticastSocketBinding was set to 1.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max send buffer in the OS correctly (e.g. net.core.wmem_max on Linux)
keycloak | 23:42:06,632 WARN [org.jgroups.protocols.UDP] (ServerService Thread Pool -- 58) JGRP000015: the receive buffer of socket ManagedMulticastSocketBinding was set to 25.00MB, but the OS only allocated 212.99KB. This might lead to performance problems. Please set your max receive buffer in the OS correctly (e.g. net.core.rmem_max on Linux)
keycloak | 23:42:09,641 INFO [org.jgroups.protocols.pbcast.GMS] (ServerService Thread Pool -- 58) keycloak: no members discovered after 3003 ms: creating cluster as first member
keycloak | 23:42:09,939 INFO [org.infinispan.factories.GlobalComponentRegistry] (MSC service thread 1-7) ISPN000128: Infinispan version: Infinispan 'Infinity Minus ONE +2' 9.4.8.Final
keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000078: Starting JGroups channel ejb
keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000078: Starting JGroups channel ejb
keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-5) ISPN000078: Starting JGroups channel ejb
keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-6) ISPN000078: Starting JGroups channel ejb
keycloak | 23:42:10,118 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-7) ISPN000078: Starting JGroups channel ejb
keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-4) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-6) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-5) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-7) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
keycloak | 23:42:10,124 INFO [org.infinispan.CLUSTER] (MSC service thread 1-1) ISPN000094: Received new cluster view for channel ejb: [keycloak|0] (1) [keycloak]
keycloak | 23:42:10,132 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
keycloak | 23:42:10,132 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-6) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
keycloak | 23:42:10,133 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
keycloak | 23:42:10,132 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-7) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
keycloak | 23:42:10,134 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-5) ISPN000079: Channel ejb local address is keycloak, physical addresses are [172.19.0.6:55200]
keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 58) WFLYCLINF0002: Started users cache from keycloak container
keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 61) WFLYCLINF0002: Started realms cache from keycloak container
keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 65) WFLYCLINF0002: Started authorization cache from keycloak container
keycloak | 23:42:10,311 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 68) WFLYCLINF0002: Started keys cache from keycloak container
keycloak | 23:42:10,666 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 69) WFLYCLINF0002: Started offlineSessions cache from keycloak container
keycloak | 23:42:10,666 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0002: Started authenticationSessions cache from keycloak container
keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 63) WFLYCLINF0002: Started clientSessions cache from keycloak container
keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 67) WFLYCLINF0002: Started actionTokens cache from keycloak container
keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0002: Started offlineClientSessions cache from keycloak container
keycloak | 23:42:10,668 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 59) WFLYCLINF0002: Started sessions cache from keycloak container
keycloak | 23:42:10,669 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 70) WFLYCLINF0002: Started client-mappings cache from ejb container
keycloak | 23:42:10,669 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 66) WFLYCLINF0002: Started work cache from keycloak container
keycloak | 23:42:10,670 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started loginFailures cache from keycloak container
keycloak | 23:42:10,798 WARN [org.jboss.as.server.deployment] (MSC service thread 1-6) WFLYSRV0273: Excluded subsystem weld via jboss-deployment-structure.xml does not exist.
keycloak | 23:42:10,798 WARN [org.jboss.as.server.deployment] (MSC service thread 1-6) WFLYSRV0273: Excluded subsystem webservices via jboss-deployment-structure.xml does not exist.
keycloak | 23:42:11,300 INFO [org.keycloak.services] (ServerService Thread Pool -- 60) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
keycloak | 23:42:11,612 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started realmRevisions cache from keycloak container
keycloak | 23:42:11,617 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started userRevisions cache from keycloak container
keycloak | 23:42:11,622 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0002: Started authorizationRevisions cache from keycloak container
keycloak | 23:42:11,623 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (ServerService Thread Pool -- 60) Node name: keycloak, Site name: null
keycloak | 23:42:11,952 WARN [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (ServerService Thread Pool -- 60) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: IJ031084: Unable to create connection
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1325)
keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
keycloak | at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440)
keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
keycloak | at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
keycloak | at org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
keycloak | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:376)
keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda$waitForLock$0(LiquibaseDBLockProvider.java:97)
keycloak | at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:678)
keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
keycloak | at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:144)
keycloak | at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
keycloak | at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:137)
keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
keycloak | at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
keycloak | at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
keycloak | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:152)
keycloak | at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2750)
keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:364)
keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:277)
keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:89)
keycloak | at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
keycloak | at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
keycloak | at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
keycloak | at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:303)
keycloak | at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:143)
keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:583)
keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:554)
keycloak | at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
keycloak | at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
keycloak | at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:596)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
keycloak | at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
keycloak | at java.util.concurrent.FutureTask.run(FutureTask.java:266)
keycloak | at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
keycloak | at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
keycloak | at java.lang.Thread.run(Thread.java:748)
keycloak | at org.jboss.threads.JBossThread.run(JBossThread.java:485)
keycloak | Caused by: org.postgresql.util.PSQLException: The connection attempt failed.
keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:292)
keycloak | at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
keycloak | at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
keycloak | at org.postgresql.Driver.makeConnection(Driver.java:454)
keycloak | at org.postgresql.Driver.connect(Driver.java:256)
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
keycloak | ... 55 more
keycloak | Caused by: java.net.UnknownHostException: postgresdb
keycloak | at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184)
keycloak | at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
keycloak | at java.net.Socket.connect(Socket.java:589)
keycloak | at org.postgresql.core.PGStream.<init>(PGStream.java:70)
keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:91)
keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
keycloak | ... 60 more
keycloak |
keycloak | 23:42:11,960 INFO [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server shutdown has been requested via an OS signal
keycloak | 23:42:11,971 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 60) MSC000001: Failed to start service jboss.deployment.unit."keycloak-server.war".undertow-deployment: org.jboss.msc.service.StartException in service jboss.deployment.unit."keycloak-server.war".undertow-deployment: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
keycloak | at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
keycloak | at java.util.concurrent.FutureTask.run(FutureTask.java:266)
keycloak | at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
keycloak | at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
keycloak | at java.lang.Thread.run(Thread.java:748)
keycloak | at org.jboss.threads.JBossThread.run(JBossThread.java:485)
keycloak | Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
keycloak | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:164)
keycloak | at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2750)
keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:364)
keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.startInternal(ResteasyDeployment.java:277)
keycloak | at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:89)
keycloak | at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:119)
keycloak | at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
keycloak | at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
keycloak | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
keycloak | at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:303)
keycloak | at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:143)
keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:583)
keycloak | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:554)
keycloak | at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
keycloak | at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
keycloak | at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
keycloak | at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:596)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:97)
keycloak | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:78)
keycloak | ... 8 more
keycloak | Caused by: java.lang.RuntimeException: Failed to connect to database
keycloak | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:382)
keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lazyInit(LiquibaseDBLockProvider.java:65)
keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.lambda$waitForLock$0(LiquibaseDBLockProvider.java:97)
keycloak | at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:678)
keycloak | at org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProvider.waitForLock(LiquibaseDBLockProvider.java:95)
keycloak | at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:144)
keycloak | at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
keycloak | at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:137)
keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
keycloak | at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
keycloak | at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
keycloak | at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
keycloak | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:152)
keycloak | ... 31 more
keycloak | Caused by: java.sql.SQLException: javax.resource.ResourceException: IJ000453: Unable to get managed connection for java:jboss/datasources/KeycloakDS
keycloak | at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:146)
keycloak | at org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
keycloak | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.getConnection(DefaultJpaConnectionProviderFactory.java:376)
keycloak | ... 43 more
keycloak | Caused by: javax.resource.ResourceException: IJ000453: Unable to get managed connection for java:jboss/datasources/KeycloakDS
keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:690)
keycloak | at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440)
keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
keycloak | at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:138)
keycloak | ... 45 more
keycloak | Caused by: javax.resource.ResourceException: IJ031084: Unable to create connection
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1325)
keycloak | at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
keycloak | at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
keycloak | at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
keycloak | ... 48 more
keycloak | Caused by: org.postgresql.util.PSQLException: The connection attempt failed.
keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:292)
keycloak | at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
keycloak | at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
keycloak | at org.postgresql.Driver.makeConnection(Driver.java:454)
keycloak | at org.postgresql.Driver.connect(Driver.java:256)
keycloak | at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
keycloak | ... 55 more
keycloak | Caused by: java.net.UnknownHostException: postgresdb
keycloak | at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:184)
keycloak | at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
keycloak | at java.net.Socket.connect(Socket.java:589)
keycloak | at org.postgresql.core.PGStream.<init>(PGStream.java:70)
keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:91)
keycloak | at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
keycloak | ... 60 more
keycloak |
keycloak | 23:42:11,996 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-8) WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS]
keycloak | 23:42:11,998 INFO [org.jboss.as.mail.extension] (MSC service thread 1-7) WFLYMAIL0002: Unbound mail session [java:jboss/mail/Default]
keycloak | 23:42:11,998 INFO [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0008: Undertow HTTPS listener https suspending
keycloak | 23:42:12,002 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-3) ISPN000080: Disconnecting JGroups channel ejb
keycloak | 23:42:12,003 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000080: Disconnecting JGroups channel ejb
keycloak | 23:42:12,005 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-4) ISPN000080: Disconnecting JGroups channel ejb
keycloak | 23:42:12,009 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-1) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
keycloak | 23:42:12,010 INFO [org.jboss.modcluster] (ServerService Thread Pool -- 70) MODCLUSTER000002: Initiating mod_cluster shutdown
keycloak | 23:42:12,010 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0008: Undertow AJP listener ajp suspending
keycloak | 23:42:12,012 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-3) WFLYJCA0019: Stopped Driver service with driver-name = postgresql
keycloak | 23:42:12,012 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-1) WFLYJCA0019: Stopped Driver service with driver-name = h2
keycloak | 23:42:12,016 INFO [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0007: Undertow HTTPS listener https stopped, was bound to 0.0.0.0:8443
keycloak | 23:42:12,016 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0007: Undertow AJP listener ajp stopped, was bound to 0.0.0.0:8009
keycloak | 23:42:12,022 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0008: Undertow HTTP listener default suspending
keycloak | 23:42:12,025 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0007: Undertow HTTP listener default stopped, was bound to 0.0.0.0:8080
keycloak | 23:42:12,029 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 66) WFLYCLINF0003: Stopped client-mappings cache from ejb container
keycloak | 23:42:12,031 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-1) ISPN000080: Disconnecting JGroups channel ejb
keycloak | 23:42:12,034 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0019: Host default-host stopping
keycloak | 23:42:12,035 INFO [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0004: Undertow 2.0.19.Final stopping
keycloak | 23:42:12,040 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0003: Stopped keys cache from keycloak container
keycloak | 23:42:12,040 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0003: Stopped authorization cache from keycloak container
keycloak | 23:42:12,043 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0003: Stopped users cache from keycloak container
keycloak | 23:42:12,046 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 61) WFLYCLINF0003: Stopped realms cache from keycloak container
keycloak | 23:42:12,046 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 59) WFLYCLINF0003: Stopped work cache from keycloak container
keycloak | 23:42:12,049 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 60) WFLYCLINF0003: Stopped offlineSessions cache from keycloak container
keycloak | 23:42:12,051 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 70) WFLYCLINF0003: Stopped authenticationSessions cache from keycloak container
keycloak | 23:42:12,051 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 66) WFLYCLINF0003: Stopped clientSessions cache from keycloak container
keycloak | 23:42:12,053 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0003: Stopped offlineClientSessions cache from keycloak container
keycloak | 23:42:12,054 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 63) WFLYCLINF0003: Stopped loginFailures cache from keycloak container
keycloak | 23:42:12,055 INFO [org.jboss.as.server.deployment] (MSC service thread 1-5) WFLYSRV0028: Stopped deployment keycloak-server.war (runtime-name: keycloak-server.war) in 90ms
keycloak | 23:42:12,055 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 69) WFLYCLINF0003: Stopped actionTokens cache from keycloak container
keycloak | 23:42:12,055 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 67) WFLYCLINF0003: Stopped sessions cache from keycloak container
keycloak | 23:42:12,067 INFO [org.infinispan.remoting.transport.jgroups.JGroupsTransport] (MSC service thread 1-3) ISPN000080: Disconnecting JGroups channel ejb
keycloak | 23:42:12,078 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("subsystem" => "microprofile-metrics-smallrye")]): java.lang.NullPointerException
keycloak | at org.wildfly.extension.microprofile.metrics.MicroProfileMetricsSubsystemAdd$2.execute(MicroProfileMetricsSubsystemAdd.java:86)
keycloak | at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:999)
keycloak | at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:743)
keycloak | at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:467)
keycloak | at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1412)
keycloak | at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:521)
keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:472)
keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:434)
keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:435)
keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:394)
keycloak | at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:374)
keycloak | at java.lang.Thread.run(Thread.java:748)
keycloak |
keycloak | 23:42:12,080 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0190: Step handler org.jboss.as.server.DeployerChainAddHandler$FinalRuntimeStepHandler@219052d3 for operation add-deployer-chains at address [] failed handling operation rollback -- java.util.concurrent.RejectedExecutionException: java.util.concurrent.RejectedExecutionException
keycloak | at org.jboss.threads.RejectingExecutor.execute(RejectingExecutor.java:37)
keycloak | at org.jboss.threads.EnhancedQueueExecutor.rejectShutdown(EnhancedQueueExecutor.java:2026)
keycloak | at org.jboss.threads.EnhancedQueueExecutor.execute(EnhancedQueueExecutor.java:757)
keycloak | at org.jboss.as.controller.notification.NotificationSupports$NonBlockingNotificationSupport.emit(NotificationSupports.java:95)
keycloak | at org.jboss.as.controller.OperationContextImpl.notifyModificationBegun(OperationContextImpl.java:876)
keycloak | at org.jboss.as.controller.OperationContextImpl.ensureWriteLockForRuntime(OperationContextImpl.java:865)
keycloak | at org.jboss.as.controller.OperationContextImpl.removeService(OperationContextImpl.java:638)
keycloak | at org.jboss.as.server.DeployerChainAddHandler$FinalRuntimeStepHandler$1.handleRollback(DeployerChainAddHandler.java:135)
keycloak | at org.jboss.as.controller.AbstractOperationContext$RollbackDelegatingResultHandler.handleResult(AbstractOperationContext.java:1561)
keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.invokeResultHandler(AbstractOperationContext.java:1533)
keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.handleResult(AbstractOperationContext.java:1515)
keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.finalizeInternal(AbstractOperationContext.java:1472)
keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.finalizeStep(AbstractOperationContext.java:1455)
keycloak | at org.jboss.as.controller.AbstractOperationContext$Step.access$400(AbstractOperationContext.java:1319)
keycloak | at org.jboss.as.controller.AbstractOperationContext.executeResultHandlerPhase(AbstractOperationContext.java:876)
keycloak | at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:756)
keycloak | at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:467)
keycloak | at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1412)
keycloak | at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:521)
keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:472)
keycloak | at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:434)
keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:435)
keycloak | at org.jboss.as.server.ServerService.boot(ServerService.java:394)
keycloak | at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:374)
keycloak | at java.lang.Thread.run(Thread.java:748)
keycloak | Suppressed: java.util.concurrent.RejectedExecutionException: Executor is being shut down
keycloak | at org.jboss.threads.EnhancedQueueExecutor.rejectShutdown(EnhancedQueueExecutor.java:2028)
keycloak | ... 23 more
keycloak |
keycloak | 23:42:12,080 ERROR [org.jboss.as.controller.client] (Controller Boot Thread) WFLYCTL0190: Step handler org.jboss.as.server.DeployerChainAddHandler$FinalRuntimeStepHandler@219052d3 for operation add-deployer-chains at address [] failed handling operation rollback -- java.util.concurrent.RejectedExecutionException
keycloak | keycloak exited with code 1
4 years, 9 months
- 1
- 0
Keycloak Gatekeeper (forwarding proxy) does nothing
by bob sheknowdas
Hi,
I have a docker-compose setup with service 1 (grafana) sending requests to
service 2 (prometheus). I've put a Keycloak Gatekeeper in front of service
2, asking for authentication. That works perfectly fine.
Now my idea was to also place a second Keycloak Gatekeeper in front of
service 1, injecting said authentication.
Unfortunately, that doesnt work. Observing my traffic via wireshark, it
seems my second Keycloak Gatekeeper is not even involved in any
communication.
My docker compose file for service 1 and the forwarding proxy looks roughly
like this:
keycloak-forwarder:
image: quay.io/keycloak/keycloak-gatekeeper
command:
- --enable-forwarding=true
- --forwarding-username=<my_username>
- --forwarding-password=<my_password>
- --forwarding-domains=${BASE_DOMAIN}/grafana
- --listen=:3001
- --client-id=<my_keycloak_client_id>
- --client-secret=<my_keycloak_client_secret>
- --discovery-url=${DOMAIN_PROTOCOL}://${KEYCLOAK_DOMAIN}/auth/realms/<my_keycloak_realm>
networks:
- webgateway
grafana:
image: grafana/grafana
networks:
- webgateway
labels:
traefik.enable: true
traefik.backend: grafana
traefik.frontend.rule:
Host:${BASE_DOMAIN};PathPrefix:/grafana;PathPrefixStrip:/grafana
traefik.port: 3000
traefik.docker.network: webgateway
Do you have any idea how to fix this?
Best
Bob
4 years, 9 months
- 1
- 0
Redirect issue with HTTPS and Proxy
by Yang Yang
Hello,
I am trying to make keycloak work behind a Nginx proxy with HTTPS, but got an redirect issue. Could you help to shed some light?
1. keycloak in standalone mode is installed on local_ip_a and public_ip_a, while Nginx is on local_ip_b and public_ip_b. local_ip_a and local_ip_b are in the same subnet.
2. keycloak works fine with https when I reach it with local_ip_a or public_ip_a, following guide here <https://www.keycloak.org/docs/6.0/server_installation/index.html#enabling...>
...
<security-realm name="UndertowRealm">
<server-identities>
<ssl>
<keystore path="keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="secret" />
</ssl>
</server-identities>
</security-realm>
…
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="UndertowRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<http-invoker security-realm="ApplicationRealm"/>
</host>
</server>
...
3. my nginx configuration for keycloak is as below:
…
server {
listen 8443 ssl;
...
location /auth/ {
proxy_pass https://local_ip_a:8443/auth/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
…
4. I set the fixed provide following this <https://github.com/keycloak/keycloak-documentation/blob/6.0.1/server_admi...>:
<spi name="hostname">
<default-provider>request</default-provider>
<provider name="fixed" enabled="true">
<properties>
<property name="hostname" value="public_ip_b"/>
<property name="httpPort" value="-1"/>
<property name="httpsPort" value="-1"/>
</properties>
</provider>
</spi>
5. I was able to get the keycloak welcome page at https://public_ip_b:8443/auth/, but when accessing https://public_ip_b:8443/auth/admin, I was redirected to https://public_ip_b:8443/auth/admin/master/console/ and then to the following address:
https://local_ip_a:8443/auth/realms/master/protocol/openid-connect/auth?c...
6. The keycloak message tells:
22:19:44,848 WARN [org.keycloak.events] (default task-16) type=LOGIN_ERROR, realmId=master, clientId=security-admin-console, userId=null, ipAddress= local_ip_b, error=invalid_redirect_uri, redirect_uri=https://public_ip_b:8443/auth/admin/master/console/
7. I tried to add https://public_ip_b:8443/auth/* to security-admin-console setting, but got no luck…
4 years, 9 months
- 1
- 1
Keycloak/Gatekeeper "You don't have authorization to view this page" after login
by Nick Powers
Hello,
I have installed Keycloak and Gatekeeper with hopes that i can use it to
authenticate for my web application, which is written in PHP. I am getting
redirected to Keycloak by Gatekeeper and I am able to register for an
account once there. But, as soon as I finish creating the account, or now
when I return to my domain I get a 403 error message "You don't have
authorization to view this page."
The URL that I am landing on is
https://commentcontext.com/oauth/callback?state=3e810acf-ff2d-448c-9165-0...
Does anyone have any idea why I am getting the 403 error message? I added a
new realm and a client in that realm but I didn't add any roles or anything
else to it. Also, I have yet to write any code for my webapp yet. I just
have an index.php in / that dumps the headers and phpinfo().
Any help would be greatly appreciated! I am happy to provide any
additional info that might help you determine the problem. Just let me
know what you need.
Thanks,
Nick
4 years, 9 months
- 1
- 0