I am new to Keycloak. I have installed a Docker container with Keycloak 19.0.2. Then created a new realm, client and user. As described in various tutorials it says.
Now I tried to connect my Spring Boot application with Keycloak. But I always get the error connection reset.
I have now tested something around and found out something strange.
When I call the URL /realms/rName/.well-known/openid-configuration with Chrome or Edge I see a JSON string, same URL in Firefox I get the error page load error. Also Insomnia gets an error Error: Failure when receiving data from the peer.
I suspect that my Spring Boot application is also getting this. Now where can I set the permissions in Keycloak to allow everyone to talk to the endpoint?
Many greetings
EDIT: Same situation on Root Page. http://localhost:8080/. The Welcome Site is shown on Edge and Chrome but not in Firefox or Insomnia
please excuse my question. I have been able to find the problem. Another process was also listening on the same port. Why there was no error that the port is already in use, I don't know. Now I set Keycloak to another port and it works with all clients. That it is technically possible at all, I wonder, especially why it is program dependent. Well, it works now. Thanks to all who helped.
Related
The Interactive Borker (IB) has a setting for the proxyRemoteHost which is like this "ib.abcd.com". This config won't work unless it's changed to "X.ib.abcd.com", where X = [1-5]. We need to specify a server to make it to work. Although this looks good for DEV purpose, in product we don't wanna specify the server instead use the base URL.
The Interactive Broker team has been troubleshooting this issue for a while and not able to pin point any reason. I really appreciate if anyone can help me understand probable causes behind this issue, so I can give more input for the relevant team to fix this issue. I can't add the logs due to some sensitive information in them. In logs, we can see the SSO authentication always fails while using proxyRemoteHost setting as base URL ("api.abcd.com") but works when we specify a server ("X.api.abcd.com"). No further info in the logs that mentions any reasons behind the failure.
We have tested this on latest Chrome and Firefox with CORS enabled. Also, once in a blue moon, it works fine with the base URL which totally surprises me.
I can't get my backend to send data after switching to secure connection.
I was able to successfully configure SSL with ssl_mod on Apache web server that serves my Angular app on AWS Linux 2 instance, the site is secure - but my Spring Boot backend is not responding, it is not sending any data. When I additionally convert .crt and .key files to PK12 that Spring understands and I use it in Spring app - I get this error:
net::ERR_SSL_PROTOCOL_ERROR
I've tried using AWS Load Balancer, but same thing happens, frontend is loaded in secure environment, but backend is not sending any data even after I change backend calls from http to https://my-site.com. I've tried following documentation and added this to my backend app properties file:
server.tomcat.remoteip.remote-ip-header=x-forwarded-for
server.tomcat.remoteip.protocol-header=x-forwarded-proto
and security configuration upgraded with this:
http.requiresChannel().anyRequest().requiresSecure()...
but to no avail.
Lastly, I created a new instance on EC2 and this time I didn't configure apache for the frontend on linux, I just used SSL certificate on my backend app with following properties:
server.ssl.enabled=true
server.ssl.key-store=/etc/ssl/mydomain_com.p12
server.ssl.key-store-password=******
server.ssl.key-alias=mydomain
To no avail, now my site doesn't load at all. I'm despearate, struggling with this for a week now. What is the procedure for a full stack app? How do I do it?
Let me respond because on the same day I asked the question - I found a solution. The solution was - converting free SSL certificate with the help of this website:
https://www.sslshopper.com/ssl-converter.html
After I've plugged it in my Spring Boot app - it works. Before that, I made the conversion with OpenSSL on Windows, and it seems it was faulty. I'm so happy now... I read so many articles on this website on my one and a half year journey of learning to code - and got stuck on the last step. I'm so happy. Thank you all for this amazing website and all the help. I love you! I'm proud of being a part of this programming community... the best humor, the best people!
Peace
I loaded the EchoBot template from Microsoft here: https://marketplace.visualstudio.com/items?itemName=BotBuilder.botbuilderv4
I started a new project and try to run it locally. No MicrosoftAppID or MicrosoftAppPassword is provided.
Then I loaded the latest Bot Framework Emulator v4.7
I connect locally, again no App ID or App Password:
However when I try to send a message I get unauthorized error, why would I get unauthorized error when connecting locally?
The server is definitely running locally and the local URL is correct:
One question I want to ask is the login dependent on any 3rd party URL call? My company security policy is blocking all URL unless whitelisted, so if this is the case, maybe the authentication is blocked? What would be the URL for me to whitelist?
EDIT: I tried it a VM outside of the company network and it works! So something must be getting blocked. Any idea?
I got around it by using a VM outside the company network instead. It's not a solution, but it is a work around. I highly suspect some port are being blocked by company firewall but not sure what so I am not sure how to get it whitelisted.
I'm facing an error 401 when I do a request from my application to CAS Server. I saw that this meaning that the time between the servers are different. So I found this link, showing how configure it.
I'm using spring-cas-client to do the connection between my app and CAS Server. In this example shows how to configure in the web.xml. There are a way to configure in my applicationContext-security.xml.
Tks a lot !
Only for document, I found the error. And the simplest way to fix this error is synchronize servers with the same NTP Server.
We are running SiteMinder 6 - that's the reason why we cannot ask for SiteMinder support.
We have noticed a strange behavior making a user unnable using the application she had been authorised to.
We have checked the policied,the apache reverse proxy configuration, the web agebt configuration, and all sound ok.
But capturing data between the reverse proxy and the back end application, we noticed that the RP sends no header, although the logs says it does.
had anybody suffered from a similar issue?
We rebooted the RP, without success.
thank you for your help.