[Aerogear-users] Unable to resolve realm public key remotely

Matthias Wessendorf matzew at apache.org
Thu May 19 06:34:15 EDT 2016


hrm, not atm

perhaps wanna ask at keycloak list?


On Thursday, 19 May 2016, Philipp Koetz, mVISE AG <Philipp.Koetz at mvise.de>
wrote:

> Just to share my "fix" for this problem:
>
> The server is embedded in a bigger infrastructure and is called though vpn
> tunnel. It looked like that it was not able to determine the realm public
> key through the tunnel. executing a wget from the vserver itself to
> /ag-push/index.html solved the problem and the push server can be
> accessed through the tunnel, even after restart.  Maybe AeroGear Dev Team
> knows why this was neccessary?
> ------------------------------
> *Von:* aerogear-users-bounces at lists.jboss.org
> <javascript:_e(%7B%7D,'cvml','aerogear-users-bounces at lists.jboss.org');> <
> aerogear-users-bounces at lists.jboss.org
> <javascript:_e(%7B%7D,'cvml','aerogear-users-bounces at lists.jboss.org');>>
> im Auftrag von Philipp Koetz, mVISE AG <Philipp.Koetz at mvise.de
> <javascript:_e(%7B%7D,'cvml','Philipp.Koetz at mvise.de');>>
> *Gesendet:* Mittwoch, 18. Mai 2016 15:39
> *An:* aerogear-users at lists.jboss.org
> <javascript:_e(%7B%7D,'cvml','aerogear-users at lists.jboss.org');>
> *Betreff:* Re: [Aerogear-users] Unable to resolve realm public key
> remotely
>
>
> Yes, auth-server.war is deployed and running:
>
>
>
> 2016-05-18 12:50:10,549 INFO  [org.wildfly.extension.undertow] (MSC
> service thread 1-4) JBAS017534: Registered web context: /ag-push
>
> 2016-05-18 12:50:10,748 INFO
> [org.keycloak.services.resources.KeycloakApplication] (MSC service thread
> 1-3) Not importing realm aerogear from resource /WEB-INF/ups-realm.json.
> It already exists.
>
> 2016-05-18 12:50:10,862 INFO  [org.wildfly.extension.undertow] (MSC
> service thread 1-3) JBAS017534: Registered web context: /auth
>
> 2016-05-18 12:50:11,013 INFO  [org.jboss.as.server] (ServerService Thread
> Pool -- 31) JBAS018559: Deployed "unifiedpush-auth-server.war"
> (runtime-name : "unifiedpush-auth-server.war")
>
> 2016-05-18 12:50:11,013 INFO  [org.jboss.as.server] (ServerService Thread
> Pool -- 31) JBAS018559: Deployed "unifiedpush-server-wildfly.war"
> (runtime-name : "unifiedpush-server-wildfly.war")
>
>
>
> When I call auth/ I get a redirect (with the according message) to
> ag-push/ and then receive “internatl server error” with the stack trace
> from the first mail.
>
>
>
> I will have a look in the dockerfiles.
>
>
>
> *Von:* aerogear-users-bounces at lists.jboss.org
> <javascript:_e(%7B%7D,'cvml','aerogear-users-bounces at lists.jboss.org');>
> [mailto:aerogear-users-bounces at lists.jboss.org
> <javascript:_e(%7B%7D,'cvml','aerogear-users-bounces at lists.jboss.org');>] *Im
> Auftrag von *Matthias Wessendorf
> *Gesendet:* Mittwoch, 18. Mai 2016 15:33
> *An:* aerogear-users at lists.jboss.org
> <javascript:_e(%7B%7D,'cvml','aerogear-users at lists.jboss.org');>
> *Betreff:* Re: [Aerogear-users] Unable to resolve realm public key
> remotely
>
>
>
> Did you deploy the auth-server.war file?
>
>
>
> In our Dockerfiles, we do have example for self-signed certs too (WF-9,
> based). Perhaps worth to check it out as well, as a pattern?
>
> https://github.com/aerogear/dockerfiles/tree/1.1.x/wildfly
>
>
>
> -M
>
>
>
> On Wed, May 18, 2016 at 3:10 PM, Philipp Koetz, mVISE AG <
> Philipp.Koetz at mvise.de
> <javascript:_e(%7B%7D,'cvml','Philipp.Koetz at mvise.de');>> wrote:
>
> Hello,
>
>
>
> i’ve set up the unified push server and run in this stack trace while
> trying to access /ag-push/
>
>
>
> 2016-05-18 12:51:24,969 ERROR [io.undertow.request] (default task-8)
> UT005023: Exception handling request to /ag-push/index.html:
> java.lang.RuntimeException: Unable to resolve realm public key remotely
>
>         at
> org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:134)
> [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
>
>         at
> org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:83)
> [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
>
>         at
> org.keycloak.adapters.PreAuthActionsHandler.preflightCors(PreAuthActionsHandler.java:71)
> [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
>
>         at
> org.keycloak.adapters.PreAuthActionsHandler.handleRequest(PreAuthActionsHandler.java:47)
> [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
>
>         at
> org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:68)
> [keycloak-undertow-adapter-1.3.1.Final.jar:1.3.1.Final]
>
>         at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>
>         at
> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>
>         at
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248)
> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>
>         at
> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77)
> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>
>         at
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167)
> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>
>         at
> io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
> [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>
>         at
> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761)
> [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>
>         at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_72-internal]
>
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_72-internal]
>
>         at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_72-internal]
>
> Caused by: java.net.ConnectException: Connection refused
>
>         at java.net.PlainSocketImpl.socketConnect(Native Method)
> [rt.jar:1.8.0_72-internal]
>
>         at
> java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
> [rt.jar:1.8.0_72-internal]
>
>         at
> java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
> [rt.jar:1.8.0_72-internal]
>
>         at
> java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
> [rt.jar:1.8.0_72-internal]
>
>         at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
> [rt.jar:1.8.0_72-internal]
>
>         at java.net.Socket.connect(Socket.java:589)
> [rt.jar:1.8.0_72-internal]
>
>         at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668)
> [jsse.jar:1.8.0_72-internal]
>
>         at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:524)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
> [httpclient-4.3.6.jar:4.3.6]
>
>         at
> org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:105)
> [keycloak-adapter-core-1.3.1.Final.jar:1.3.1.Final]
>
>         ... 14 more
>
>
>
> SSL setup should be correct, with a self signed cert, till accessing the
> wildfly start page via https works correctly.
>
> If it helps I can also provide the standalone-full.xml.
>
>
>
> I’m using version 1.13 on Wildfly 8.2.1. The error appears on http and
> https.
>
>
>
> Regards,
>
> Philipp Koetz
>
>
>
>
>
>
> _______________________________________________
> Aerogear-users mailing list
> Aerogear-users at lists.jboss.org
> <javascript:_e(%7B%7D,'cvml','Aerogear-users at lists.jboss.org');>
> https://lists.jboss.org/mailman/listinfo/aerogear-users
>
>
>
>
>
> --
>
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
>


-- 
Sent from Gmail Mobile
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-users/attachments/20160519/ced92abf/attachment-0001.html 


More information about the Aerogear-users mailing list