[keycloak-user] problem with keycloak on openshift

Paolo Antinori sonicaaaa at gmail.com
Thu Jul 2 08:21:21 EDT 2015


Thank you. After confirming it's anything known or that I'm doing
anything obviously stupid on Keycloak side I will verify with the OS
guys.

I'll report the finding just for cross linking.


thank you!

paolo

On Thu, Jul 2, 2015 at 12:22 PM, Stian Thorgersen <stian at redhat.com> wrote:
> Don't know what's going on here. If you're sending a request directly to 'https://kc-paolo.rhcloud.com/' it's not specific to Keycloak and it's either a WildFly or OpenShift issue. My guess would be the latter so maybe ask on OpenShift forums?
>
> ----- Original Message -----
>> From: "Paolo Antinori" <sonicaaaa at gmail.com>
>> To: keycloak-user at lists.jboss.org
>> Sent: Wednesday, 1 July, 2015 10:07:20 AM
>> Subject: [keycloak-user] problem with keycloak on openshift
>>
>> Hi guys, I have deployed an instance of keycloak on openshift
>> following the steps described here:
>>
>> https://github.com/keycloak/openshift-keycloak-cartridge
>>
>> The operation apparently went ok and I have been able to login to the
>> instance and see kc administrative interface.
>>
>> Problem is that after a while, I am no longer able to login to the
>> instance. Not even if I restart it.
>>
>> This is the error I see when trying:
>>
>> Bad Request
>>
>> Your browser sent a request that this server could not understand.
>> Size of a request header field exceeds server limit.
>>
>> X-Forwarded-Host
>>
>> /n
>>
>>
>> And I get that with both ffox and chromium on linux
>>
>> this from curl:
>>
>>
>> $ curl -L -v https://kc-paolo.rhcloud.com/
>> *   Trying 54.89.206.14...
>> * Connected to kc-paolo.rhcloud.com (54.89.206.14) port 443 (#0)
>> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>>   CApath: none
>> * SSL connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
>> * Server certificate:
>> *     subject: CN=*.rhcloud.com,O=Red Hat Inc.,L=Raleigh,ST=North
>> Carolina,C=US
>> *     start date: Apr 07 00:00:00 2015 GMT
>> *     expire date: Apr 11 12:00:00 2018 GMT
>> *     common name: *.rhcloud.com
>> *     issuer: CN=DigiCert SHA2 High Assurance Server
>> CA,OU=www.digicert.com,O=DigiCert Inc,C=US
>> > GET / HTTP/1.1
>> > User-Agent: curl/7.40.0
>> > Host: kc-paolo.rhcloud.com
>> > Accept: */*
>> >
>> < HTTP/1.1 400 Bad Request
>> < Date: Wed, 01 Jul 2015 08:06:46 GMT
>> < Server: Apache/2.2.15 (Red Hat)
>> < Content-Length: 392
>> < Content-Type: text/html; charset=iso-8859-1
>> < Connection: close
>> <
>> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
>> <html><head>
>> <title>400 Bad Request</title>
>> </head><body>
>> <h1>Bad Request</h1>
>> <p>Your browser sent a request that this server could not understand.<br />
>> Size of a request header field exceeds server limit.<br />
>> <pre>
>> X-Forwarded-Host
>> </pre>/n</p>
>> <hr>
>> <address>Apache/2.2.15 (Red Hat) Server at localhost Port 80</address>
>> </body></html>
>> * Closing connection 0
>>
>>
>>
>>
>> any idea about what's wrong?
>>
>> thank you
>>
>> paolo
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>


More information about the keycloak-user mailing list