Hi All,
I was looking at the workaround suggested as part of
https://issues.jboss.org/browse/KEYCLOAK-1268 to basically remove the
client composite roles from the admin role. Do we have any API available
for this, which we can call after realm creation?
Regards,
Muein
On Wed, Feb 15, 2017 at 5:04 AM, Colin Coleman <cco(a)capraconsulting.no>
wrote:
The -x trick gave me enough info to find this…
https://issues.jboss.org/browse/KEYCLOAK-1268
And even if the workarounds work it looks like keycloak was not designed
and is not tested for the sort of multi-tenant setup I was trying to do.
The jdbc driver version was a red herring – everything is the latest
version
Using the CLI with -x I got the following
HTTP error - 400 Bad Request
org.keycloak.client.admin.cli.util.HttpResponseException: HTTP error - 400 Bad Request
    at org.keycloak.client.admin.cli.util.HeadersBodyStatus.checkSuccess(HeadersBodyStatus.java:61)
    at org.keycloak.client.admin.cli.util.HttpUtil.checkSuccess(HttpUtil.java:329)
    at org.keycloak.client.admin.cli.commands.AbstractRequestCmd.process(AbstractRequestCmd.java:363)
    at org.keycloak.client.admin.cli.commands.AbstractRequestCmd.execute(AbstractRequestCmd.java:126)
    at org.jboss.aesh.console.command.container.DefaultCommandContainer.executeCommand(DefaultCommandContainer.java:63)
    at org.jboss.aesh.console.command.container.DefaultCommandContainer.executeCommand(DefaultCommandContainer.java:48)
    at org.keycloak.client.admin.cli.aesh.AeshConsoleCallbackImpl.execute(AeshConsoleCallbackImpl.java:54)
    at org.jboss.aesh.console.AeshProcess.run(AeshProcess.java:53)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.RuntimeException: <html>
<head><title>400 Request Header Or Cookie Too Large</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>Request Header Or Cookie Too Large</center>
<hr><center>awselb/2.0</center>
</body>
</html>
Colin
From: Colin Coleman <cco(a)capraconsulting.no>
Date: Wednesday, 15 February 2017 at 10:05
To: Marko Strukelj <mstrukel(a)redhat.com>
Cc: keycloak-user <keycloak-user(a)lists.jboss.org>
Subject: Re: [keycloak-user] HTTP error - 400 Bad Request - create realm
CLI
There is no stacktrace in the logs – I turned the <root-logger> level up
to debug and could find nothing then either.
The only difference between a success when there were fewer than 20 realms
and a failure when there were more than 20 realms was a lack of debug
lines from org.hibernate, which seems to show that the database never gets
queried when a 400 is produced.
My Stack is:
Ubuntu 16.04
openjdk version "1.8.0_121"
PostgreSQL 9.6.1 (running on different machine)
keycloak-2.5.1.Final – running using standalone-ha.xml
DB driver: postgresql-9.4.1212.jre6.jar
Writing this I notice that the db driver and db are not on the same level
– I will update this and test again.
------------------------------------------------
Colin
From: Marko Strukelj <mstrukel(a)redhat.com>
Date: Tuesday, 14 February 2017 at 18:16
To: Colin Coleman <cco(a)capraconsulting.no>
Cc: keycloak-user <keycloak-user(a)lists.jboss.org>
Subject: Re: [keycloak-user] HTTP error - 400 Bad Request - create realm
CLI
There is no such restriction, and I can't reproduce your issue.
Is there any stacktrace on the server?
Do you get any more information on the client if you add -x option?
On Tue, Feb 14, 2017 at 1:01 PM, Colin Coleman <cco(a)capraconsulting.no>
wrote:
Hello,
Is there a setting limiting the number of realms that can be created with
the CLI?
When creating realms via the CLI I start getting HTTP error - 400 Bad
Request after about 20 realms
kcadm.sh create realms -s realm=test3 -s enabled=true
kcadm.sh create realms -s realm=test4 -s enabled=true
kcadm.sh create realms -s realm=test5 -s enabled=true
.
.
.
I get
.
.
Created new realm with id 'test13'
Created new realm with id 'test14'
HTTP error - 400 Bad Request
HTTP error - 400 Bad Request
.
.
.
Colin
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
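
Added example, not part of the original thread and not Keycloak code: a small Python audit that decodes an access token and compares the size of the resulting Authorization header with a proxy limit, which is the check that makes the "Request Header Or Cookie Too Large" response above diagnosable. The sample token is constructed, assumes the admin token carries one client role set per realm, and the 8192-byte limit and all function names are assumptions.

```python
import base64
import json

# Realm-management role names; the token itself is constructed sample data.
ROLES = ["manage-realm", "manage-users", "manage-clients", "view-realm",
         "view-users", "view-clients", "create-client", "impersonation"]
PREFIX = "Authorization: Bearer "
# 8192 below is an assumed placeholder, not the load balancer's documented limit.


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def build_sample_token(realm_count: int) -> str:
    """Constructed, unsigned JWT with one resource_access entry per realm."""
    access = {f"test{i}-realm": {"roles": ROLES} for i in range(1, realm_count + 1)}
    payload = {"iss": "https://sso.example.test/auth/realms/master",
               "preferred_username": "admin", "resource_access": access}
    header = {"alg": "RS256", "typ": "JWT"}
    fake_sig = b"\x00" * 256  # placeholder the size of an RSA-2048 signature
    return ".".join([_b64url(json.dumps(header).encode()),
                     _b64url(json.dumps(payload).encode()), _b64url(fake_sig)])


def decode_payload(token: str) -> dict:
    """Decode the claims for inspection only; the signature is not verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    segment = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(segment))


def audit_token(token: str, header_limit: int = 8192) -> dict:
    """Report how many client role sets the token carries and the header size."""
    access = decode_payload(token).get("resource_access", {})
    header_bytes = len(PREFIX) + len(token)
    return {"clients": len(access),
            "roles": sum(len(v.get("roles", [])) for v in access.values()),
            "header_bytes": header_bytes,
            "over_limit": header_bytes > header_limit}


def first_failing_realm_count(header_limit: int = 8192, max_realms: int = 500):
    """Smallest realm count whose sample token no longer fits the limit."""
    for n in range(1, max_realms + 1):
        if audit_token(build_sample_token(n), header_limit)["over_limit"]:
            return n
    return None
```

Running audit_token on a real token captured from a failing request shows whether the header size, rather than the server, explains the 400.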