[aerogear-dev] [UPS] issues with UPS 1.1 on OpenShift (manual deploy)

Lukáš Fryč lukas.fryc at gmail.com
Tue Apr 7 03:50:56 EDT 2015 

Thanks for update, Bruno. I will try it and let you know.

po 6. 4. 2015 v 19:14 odesílatel Bruno Oliveira <bruno at abstractj.org>
napsal:

> A little update, if you're willing to deploy UPS on Openshift:
> https://issues.jboss.org/browse/AGPUSH-1352
>
> On 2015-04-02, Sebastien Blanc wrote:
> > Thx for the headup !
> > When did this upgrade happened ?
> > Shouldn't we have the problem also with UPS 1.0.x series on OpenShift ?
> >
> > On Thu, Apr 2, 2015 at 2:55 PM, Bruno Oliveira <bruno at abstractj.org>
> wrote:
> >
> > > Good morning guys, I'm investigating the problem since yesterday. The
> > > problem at first glance is related with the upgrade on OpenShift to
> Java 8.
> > >
> > > Java 8 sends TLSv1.2 ClientHello and Java 7 TLSv1 and if the server
> > > somehow does not support version 1.2, it should be able to negotiate
> down
> > > to 1.1 or 1.0.
> > >
> > > I'm still investigating the root cause, but the immediate fix is to
> run KC
> > > and UPS on JDK 1.7 only. Meanwhile I will be investigating the issue.
> > >
> > > On Tue, Mar 31, 2015 at 11:10 AM, Matthias Wessendorf <
> matzew at apache.org>
> > > wrote:
> > >
> > >> that is on a totally different KC version
> > >>
> > >> On Tue, Mar 31, 2015 at 4:03 PM, Sebastien Blanc <scm.blanc at gmail.com
> >
> > >> wrote:
> > >>
> > >>> Maybe,
> > >>> But it may also be that  I'm missing something stupid :) and I have
> to
> > >>> configure something extra since openshift is https and I always test
> > >>> locally ... But yeah for 1.0.x I did not have to do anything.
> > >>>
> > >>>
> > >>> On Tue, Mar 31, 2015 at 3:52 PM, Matthias Wessendorf <
> matzew at apache.org>
> > >>> wrote:
> > >>>
> > >>>> anything wrong w/ the keycloak adapter, or was there a fix for a
> 1.1.1?
> > >>>>
> > >>>> On Tue, Mar 31, 2015 at 3:50 PM, Sebastien Blanc <
> scm.blanc at gmail.com>
> > >>>> wrote:
> > >>>>
> > >>>>> Hi !
> > >>>>> I was trying (and so was Lukas) to deploy UPS 1.1 (master branch)
> to
> > >>>>> an openshift gear (Wildfly 8.2 cartridge). After tweaking a bit the
> > >>>>> datasources to get it deployed, when trying to access /ag-push ,
> I'm get an
> > >>>>> 500 internal server error.
> > >>>>>
> > >>>>> The wildfly logs show me the following :
> > >>>>>
> > >>>>> 2015-03-31 09:40:47,240 ERROR [io.undertow.request] (default
> task-8) UT005023: Exception handling request to /ag-push/index.html:
> java.lang.RuntimeException: Unable to resolve realm public key remotely
> > >>>>>         at org.keycloak.adapters.AdapterDeploymentContext.
> resolveRealmKey(AdapterDeploymentContext.java:134)
> [keycloak-adapter-core-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at org.keycloak.adapters.AdapterDeploymentContext.
> resolveDeployment(AdapterDeploymentContext.java:83)
> [keycloak-adapter-core-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at org.keycloak.adapters.PreAuthActionsHandler.
> preflightCors(PreAuthActionsHandler.java:71) [keycloak-adapter-core-1.1.0.
> Final.jar:1.1.0.Final]
> > >>>>>         at org.keycloak.adapters.PreAuthActionsHandler.
> handleRequest(PreAuthActionsHandler.java:47) [keycloak-adapter-core-1.1.0.
> Final.jar:1.1.0.Final]
> > >>>>>         at org.keycloak.adapters.undertow.
> ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:68)
> [keycloak-undertow-adapter-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at io.undertow.server.handlers.PredicateHandler.
> handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.
> jar:1.1.0.Final]
> > >>>>>         at io.undertow.servlet.handlers.ServletInitialHandler.
> handleFirstRequest(ServletInitialHandler.java:261)
> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at io.undertow.servlet.handlers.ServletInitialHandler.
> dispatchRequest(ServletInitialHandler.java:247)
> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at io.undertow.servlet.handlers.
> ServletInitialHandler.access$000(ServletInitialHandler.java:76)
> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at io.undertow.servlet.handlers.ServletInitialHandler$1.
> handleRequest(ServletInitialHandler.java:166)
> [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at io.undertow.server.Connectors.
> executeRootHandler(Connectors.java:197) [undertow-core-1.1.0.Final.
> jar:1.1.0.Final]
> > >>>>>         at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
> [undertow-core-1.1.0.Final.jar:1.1.0.Final]
> > >>>>>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_31]
> > >>>>>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_31]
> > >>>>>         at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_31]
> > >>>>> Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not
> authenticated
> > >>>>>         at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:431)
> [jsse.jar:1.8.0_31]
> > >>>>>         at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> [httpclient-4.2.1.jar:4.2.1]
> > >>>>>         at org.apache.http.conn.ssl.SSLSocketFactory.
> connectSocket(SSLSocketFactory.java:572) [httpclient-4.2.1.jar:4.2.1]
> > >>>>>         at org.apache.http.impl.conn.
> DefaultClientConnectionOperator.openConnection(
> DefaultClientConnectionOperator.java:180) [httpclient-4.2.1.jar:4.2.1]
> > >>>>>
> > >>>>>
> > >>>>> So "peer not authenticated" seems pretty obvious for the reason it
> fails.
> > >>>>> The question is what do we need to do for this ? Anyone an idea ?
> > >>>>>
> > >>>>> Thx,
> > >>>>> Sebi
> > >>>>>
> > >>>>>
> > >>>>> _______________________________________________
> > >>>>> aerogear-dev mailing list
> > >>>>> aerogear-dev at lists.jboss.org
> > >>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >>>>>
> > >>>>
> > >>>>
> > >>>>
> > >>>> --
> > >>>> Matthias Wessendorf
> > >>>>
> > >>>> blog: http://matthiaswessendorf.wordpress.com/
> > >>>> sessions: http://www.slideshare.net/mwessendorf
> > >>>> twitter: http://twitter.com/mwessendorf
> > >>>>
> > >>>> _______________________________________________
> > >>>> aerogear-dev mailing list
> > >>>> aerogear-dev at lists.jboss.org
> > >>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >>>>
> > >>>
> > >>>
> > >>> _______________________________________________
> > >>> aerogear-dev mailing list
> > >>> aerogear-dev at lists.jboss.org
> > >>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >>>
> > >>
> > >>
> > >>
> > >> --
> > >> Matthias Wessendorf
> > >>
> > >> blog: http://matthiaswessendorf.wordpress.com/
> > >> sessions: http://www.slideshare.net/mwessendorf
> > >> twitter: http://twitter.com/mwessendorf
> > >>
> > >> _______________________________________________
> > >> aerogear-dev mailing list
> > >> aerogear-dev at lists.jboss.org
> > >> https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >>
> > >
> > >
> > >
> > > --
> > >
> > > --
> > > "The measure of a man is what he does with power" - Plato
> > > -
> > > @abstractj
> > > -
> > > Volenti Nihil Difficile
> > >
> > > _______________________________________________
> > > aerogear-dev mailing list
> > > aerogear-dev at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >
>
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
> --
>
> abstractj
> PGP: 0x84DC9914
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20150407/98fc0d5b/attachment-0001.html

More information about the aerogear-dev mailing list