Re: [keycloak-user] Jetty 503 when secured with confidential client+env vars, works with public

Did you bump to trace log on Keycloak server and Jetty? Maybe that'll show something interesting. Where's the 503 coming from? Keycloak or Jetty? What about remote debugging it? On 4 January 2017 at 11:20, cen <imbacen(a)gmail.com <mailto:imbacen@gmail.com>> wrote: I am using embedded Jetty 9.2. If I use a public client with env vars in JSON everything works, if I use env vars for confidential client it breaks with "503 service unavailable". Works: { "realm": "${env.KC_REALM}", "realm-public-key": "${env.KC_PUBLIC_KEY}", "auth-server-url": "${env.KC_BASE_URL}", "ssl-required": "${env.KC_SSL_REQUIRED}", "resource": "${env.KC_RESOURCE}", "public-client": true } Fails: { "realm": "${env.KC_REALM}", "realm-public-key": "${env.KC_PUBLIC_KEY}", "auth-server-url": "${env.KC_BASE_URL}", "ssl-required": "${env.KC_SSL_REQUIRED}", "resource": "${env.KC_CLIENT}", "credentials": { "secret": "${env.KC_CLIENT_SECRET}" }, "use-resource-mappings": true } Confidential client works if I copy-paste the JSON from "Installation" tab directly (without env vars). I checked at least 10 times that my env vars are correct and that I don't have a typo somewhere. Unfortunately there are zero logs from Jetty or Keycloak adapter about the problem. How would I go troubleshooting this? _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>