Did you bump to trace log on Keycloak server and Jetty? Maybe that'll show
something interesting. Where's the 503 coming from? Keycloak or Jetty? What
about remote debugging it?
On 4 January 2017 at 11:20, cen <imbacen(a)gmail.com> wrote:
I am using embedded Jetty 9.2. If I use a public client with env vars
in
JSON everything works, if I use env vars for confidential client it
breaks with "503 service unavailable".
Works:
{
"realm": "${env.KC_REALM}",
"realm-public-key": "${env.KC_PUBLIC_KEY}",
"auth-server-url": "${env.KC_BASE_URL}",
"ssl-required": "${env.KC_SSL_REQUIRED}",
"resource": "${env.KC_RESOURCE}",
"public-client": true
}
Fails:
{
"realm": "${env.KC_REALM}",
"realm-public-key": "${env.KC_PUBLIC_KEY}",
"auth-server-url": "${env.KC_BASE_URL}",
"ssl-required": "${env.KC_SSL_REQUIRED}",
"resource": "${env.KC_CLIENT}",
"credentials": {
"secret": "${env.KC_CLIENT_SECRET}"
},
"use-resource-mappings": true
}
Confidential client works if I copy-paste the JSON from "Installation"
tab directly (without env vars).
I checked at least 10 times that my env vars are correct and that I
don't have a typo somewhere.
Unfortunately there are zero logs from Jetty or Keycloak adapter about
the problem. How would I go troubleshooting this?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user