[keycloak-user] Red Hat SSO - Issue on OpenShift Dedicated

Tue Dec 20 04:18:45 EST 2016

Hi,

This project (= Spring Boot App secured with Red Hat SSO & Keycloak
Adapter) which was working last Friday on "
https://console.engint.openshift.com/console" doesn't work anymore

If I issue a curl/httpie request, I receive a token but next when I try to
access the service, OpenShift returns

./scripts/httpie/token_req.sh

>>> Greeting
GET /greeting HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9...AC7tLlhit79g
Connection: keep-alive
Host: secured-springboot-rest-sso.e8ca.engint.openshiftapps.com
User-Agent: HTTPie/0.9.6

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>

When I issue a curl request within the pod running the SpringBoot app, I
get a response from the Red Hat SSO Server

sh-4.2$ more /etc/hosts

# Kubernetes-managed hosts file.

127.0.0.1       localhost

10.1.7.20       secured-springboot-rest-5-7tcxs

 sh-4.2$ curl -k -v http://10.1.7.20:8080/greeting

* About to connect() to 10.1.7.20 port 8080 (#0)

*   Trying 10.1.7.20...

* Connected to 10.1.7.20 (10.1.7.20) port 8080 (#0)

> GET /greeting HTTP/1.1

> User-Agent: curl/7.29.0

> Host: 10.1.7.20:8080

> Accept: */*

>

< HTTP/1.1 302 Found

< Server: Apache-Coyote/1.1

< Cache-Control: private

< Expires: Thu, 01 Jan 1970 00:00:00 UTC

< Set-Cookie: JSESSIONID=C6437B316FE0C08F833B0B5F9DEEB231; Path=/; HttpOnly

< Set-Cookie:
OAuth_Token_Request_State=5/64fcf1a6-1b05-4235-8463-3eb024e1a0c5;
Version=1; HttpOnly

< Location:
https://secure-sso-sso.e8ca.engint.openshiftapps.com/auth/realms/master/protocol/openid-connect/auth?response_type=code&client_id=demoapp&redirect_uri=http%3A%2F%2F10.1.7.20%3A8080%2Fgreeting&state=5%2F64fc
f1a6-1b05-4235-8463-3eb024e1a0c5&login=true

What is the problem ?

Regards,

Charles