[Apiman-user] Receiving HTML instead of JSON from Keycloak when trying to point apimanui to the API gateway
Marc Savy
marc.savy at redhat.com
Tue Dec 15 10:59:36 EST 2015
Can you try a couple of things that might help debug this, please:
- Log into the KC console, go to the apiman-gateway-api client (or whatever you called it), and flip on `direct grants only`.
- Save and try again
Please let me know the result!
On 14/12/2015 22:00, Paul Blair wrote:
> I'm getting a strange error in my production deployment which I'm having
> difficulty troubleshooting.
>
> After deploying the apiman UI and gateway on separate hosts, according
> to the production guide I have to point the API Manager to the API
> gateway. If I hit the "New Gateway" button, I need to add the URI of the
> gateway. I'm assuming this should be
>
> [PROTOCOL]://[GATEWAY_HOST]:[GATEWAY_PORT]/apiman-gateway-api/ -- which
> should also be set as the redirect URI for the gateway in the Apiman
> realm in Keycloak (followed by a star). This is different from my public
> endpoint, which is [PROTOCOL]://[GATEWAY_HOST]:[GATEWAY_PORT]/apiman-gateway
>
> When I use the apimanager user (set up in the default realm file) to
> test the gateway in the "New Gateway" screen I'm getting this error:
>
> *Gateway Configuration Invalid*
> Something has gone wrong when testing the Gateway. Hopefully the details
> (below) will help you figure out what.
>
> org.codehaus.jackson.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (number, String, array, object, 'true', 'false' or 'null')
> at [Source: org.apache.http.conn.EofSensorInputStream at 450a7e3f; line: 1, column: 2]
>
>
> If I look at what's happening in the API manager log, it looks like the
> error is coming from getting HTML back from Keycloak where it's
> expecting JSON. Is there some configuration I'm missing? Here are the
> relevant API manager server logs:
>
>
> 21:38:49,715 DEBUG [org.keycloak.adapters.RequestAuthenticator] (default
> task-1) Bearer AUTHENTICATED
> 21:38:49,717 DEBUG [org.keycloak.adapters.AuthenticatedActionsHandler]
> (default task-1) AuthenticatedActionsValve.invoke
> https://[APIMANUI]/apiman/gateways
> ...
> 21:38:50,796 DEBUG [org.apache.http.impl.execchain.MainClientExec]
> (default task-1) Opening connection {s}->https://[GATEWAY]
> ...
> 21:38:50,864 DEBUG [org.apache.http.impl.execchain.MainClientExec]
> (default task-1) Executing request GET /apiman-gateway-api/system/status
> HTTP/1.1
> 21:38:50,864 DEBUG [org.apache.http.impl.execchain.MainClientExec]
> (default task-1) Proxy auth state: UNCHALLENGED
> 21:38:50,866 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-0 >> GET /apiman-gateway-api/system/status HTTP/1.1
> 21:38:50,866 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-0 >> Authorization: Basic YXBpbWFuYWdlcjphcGltYW4xMjMh
> 21:38:50,866 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-0 >> Host: [GATEWAY]
> ...
> 21:38:50,881 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-0 << "HTTP/1.1 302 Found[\r][\n]"
> 21:38:50,881 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-0 << "Expires: 0[\r][\n]"
> 21:38:50,881 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-0 << "Set-Cookie:
> OAuth_Token_Request_State=19/8069a233-7d97-4f9d-8696-673f72815124;
> secure[\r][\n]"
> 21:38:50,882 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-0 << "Location:
> https://[KEYCLOAK]/auth/realms/apiman/protocol/openid-connect/auth?response_type=code&client_id=apiman-gateway-api&redirect_uri=https%3A%2F%2F[GATEWAY]%2Fapiman-gateway-api%2Fsystem%2Fstatus&state=19%2F8069a233-7d97-4f9d-8696-673f72815124&login=true[\r][\n]"
> ...
> 21:38:50,894 DEBUG
> [org.apache.http.client.protocol.ResponseProcessCookies] (default
> task-1) Cookie accepted
> [OAuth_Token_Request_State="19/8069a233-7d97-4f9d-8696-673f72815124",
> version:0, domain:ec2-52-34-81-26.us-west-2.compute.amazonaws.com,
> path:/apiman-gateway-api/system, expiry:null]
> 21:38:50,894 DEBUG [org.apache.http.impl.client.DefaultRedirectStrategy]
> (default task-1) Redirect requested to location
> 'https://[KEYCLOAK]/auth/realms/apiman/protocol/openid-connect/auth?response_type=code&client_id=apiman-gateway-api&redirect_uri=https%3A%2F%2F[GATEWAY]%2Fapiman-gateway-api%2Fsystem%2Fstatus&state=19%2F8069a233-7d97-4f9d-8696-673f72815124&login=true'
> 21:38:50,900 DEBUG [org.apache.http.impl.execchain.RedirectExec]
> (default task-1) Resetting target auth state
> 21:38:50,900 DEBUG [org.apache.http.impl.execchain.RedirectExec]
> (default task-1) Redirecting to
> 'https://[KEYCLOAK]/auth/realms/apiman/protocol/openid-connect/auth?response_type=code&client_id=apiman-gateway-api&redirect_uri=https%3A%2F%2F[GATEWAY]%2Fapiman-gateway-api%2Fsystem%2Fstatus&state=19%2F8069a233-7d97-4f9d-8696-673f72815124&login=true'
> via {s}->https://[KEYCLOAK]
> ...
> 21:38:50,902 DEBUG
> [org.apache.http.impl.conn.PoolingHttpClientConnectionManager] (default
> task-1) Connection request: [route: {s}->https://[KEYCLOAK]][total kept
> alive: 1; route allocated: 0 of 2; total allocated: 1 of 20]
> ...
> 21:38:50,935 DEBUG
> [org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] (default
> task-1) Connection established 172.17.1.52:46173<->172.31.41.242:8443
> 21:38:50,936 DEBUG [org.apache.http.impl.execchain.MainClientExec]
> (default task-1) Executing request GET
> /auth/realms/apiman/protocol/openid-connect/auth?response_type=code&client_id=apiman-gateway-api&redirect_uri=https%3A%2F%2F[GATEWAY]%2Fapiman-gateway-api%2Fsystem%2Fstatus&state=19%2F8069a233-7d97-4f9d-8696-673f72815124&login=true
> HTTP/1.1
> 21:38:50,936 DEBUG [org.apache.http.impl.execchain.MainClientExec]
> (default task-1) Proxy auth state: UNCHALLENGED
> 21:38:50,936 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-1 >> GET
> /auth/realms/apiman/protocol/openid-connect/auth?response_type=code&client_id=apiman-gateway-api&redirect_uri=https%3A%2F%2F[GATEWAY]%2Fapiman-gateway-api%2Fsystem%2Fstatus&state=19%2F8069a233-7d97-4f9d-8696-673f72815124&login=true
> HTTP/1.1
> 21:38:50,936 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-1 >> Authorization: Basic YXBpbWFuYWdlcjphcGltYW4xMjMh
> 21:38:50,936 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-1 >> Host: [KEYCLOAK]
> 21:38:50,936 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-1 >> User-Agent: Apache-HttpClient/4.5 (Java/1.8.0_25)
> 21:38:50,936 DEBUG [org.apache.http.headers] (default task-1)
> http-outgoing-1 >> Accept-Encoding: gzip,deflate
> ...
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "HTTP/1.1 200 OK[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "X-Powered-By: Undertow/1[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "Set-Cookie: KC_RESTART=[COOKIE]; Version=1;
> Path=/auth/realms/apiman; HttpOnly[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "Server: WildFly/9[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "X-Frame-Options: SAMEORIGIN[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "Content-Security-Policy: frame-src 'self'[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "Date: Mon, 14 Dec 2015 21:38:50 GMT[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "Connection: keep-alive[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "Content-Type: text/html[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "Content-Length: 4171[\r][\n]"
> 21:38:50,960 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "[\r][\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
> Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">[\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "<html xmlns="http://www.w3.org/1999/xhtml"
> class="login-pf">[\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "[\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "<head>[\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << " <meta http-equiv="Content-Type"
> content="text/html; charset=UTF-8" />[\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << " <meta name="viewport"
> content="width=device-width,initial-scale=1"/>[\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << " <title> Log in to apiman[\n]"
> 21:38:50,961 DEBUG [org.apache.http.wire] (default task-1)
> http-outgoing-1 << "</title>[\n]"
> … more html…
>
>
>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
More information about the Apiman-user
mailing list