After successfully setting up a cloud config server and confirming that all works as expected I ran into this issue but I'm not sure if it's supported or the best way to go.
We follow the database-per-service pattern so as an experiment I committed a dev and staging file containing the db connection details of each service so that if we needed to make changes to the server address and credentials we only needed to do it in the config repo.
I have set this up correctly and I confirm that the changes are indeed being propagated from the config server to the clients.
It was only after doing all of this did I notice that even though the services got the updated database details it DID NOT switch its connection.
Is this possible? The only way I could do this was if I restarted the service and that kinda defeats the purpose of having all of this in place. I tried toying with the connection timeouts but it didn't help. The service was still connected to the previous connection.
So it appears a simple addition of the #RefreshScope to my controller did the trick. Thanks to Spring's David Syer for the insight.
Related
I am new to Keycloak. I have installed a Docker container with Keycloak 19.0.2. Then created a new realm, client and user. As described in various tutorials it says.
Now I tried to connect my Spring Boot application with Keycloak. But I always get the error connection reset.
I have now tested something around and found out something strange.
When I call the URL /realms/rName/.well-known/openid-configuration with Chrome or Edge I see a JSON string, same URL in Firefox I get the error page load error. Also Insomnia gets an error Error: Failure when receiving data from the peer.
I suspect that my Spring Boot application is also getting this. Now where can I set the permissions in Keycloak to allow everyone to talk to the endpoint?
Many greetings
EDIT: Same situation on Root Page. http://localhost:8080/. The Welcome Site is shown on Edge and Chrome but not in Firefox or Insomnia
please excuse my question. I have been able to find the problem. Another process was also listening on the same port. Why there was no error that the port is already in use, I don't know. Now I set Keycloak to another port and it works with all clients. That it is technically possible at all, I wonder, especially why it is program dependent. Well, it works now. Thanks to all who helped.
The Interactive Borker (IB) has a setting for the proxyRemoteHost which is like this "ib.abcd.com". This config won't work unless it's changed to "X.ib.abcd.com", where X = [1-5]. We need to specify a server to make it to work. Although this looks good for DEV purpose, in product we don't wanna specify the server instead use the base URL.
The Interactive Broker team has been troubleshooting this issue for a while and not able to pin point any reason. I really appreciate if anyone can help me understand probable causes behind this issue, so I can give more input for the relevant team to fix this issue. I can't add the logs due to some sensitive information in them. In logs, we can see the SSO authentication always fails while using proxyRemoteHost setting as base URL ("api.abcd.com") but works when we specify a server ("X.api.abcd.com"). No further info in the logs that mentions any reasons behind the failure.
We have tested this on latest Chrome and Firefox with CORS enabled. Also, once in a blue moon, it works fine with the base URL which totally surprises me.
In the jhipster-registry all the proxy parameters aren't not taken into account and mainly the nonProxyHost one.
At startup, the Jhipster-registry container will clone the project on github (via the proxy);
on the other hand, it can not contact the local services (eg keycloak) because it should not use the proxy (that it does because it does not seem to take into account the nonProxyHost parameter)
How could we solve the problem ?
please take a look in the following link: http://www.jhipster.tech/configuring-a-corporate-proxy/.
I had an issue configuring the corporate proxy to run maven, then I just took a look in this page, there were all my answers on it. If your issue persist, please let know.
-Rod
I have a asp.net mvc application that interacts with RabbitMq. Everything works great locally.
However, on our deployment server it cannot connect
DEBUG|MassTransit.RabbitMqTransport.Integration.RabbitMqConnectionCache|Connecting: muyuser#localhost:5672/|
ERROR|MassTransit.RabbitMqTransport.RabbitMqReceiveTransport|RabbitMQ connection failed: Connect failed: muyuser#localhost:5672/|
What I'm able to gather is this
In order to connect to RabbitMq you need a valid .erlang.cookie in (on windows) your User root
As best I can tell, this cookie is created when you install rabbitmq
In development we're using localdb which runs as the developer's user (which has this cookie)
In production the application runs off of IIS which uses the application pool and the built-in ApplicationPoolIdentity account. Which doesn't have a User folder for the .erlang.cookie file to live in.
So the question becomes...what now? How is this intended to work?
Obviously we could create a dedicated user for the web application but our system administrator is understandably very reluctant to do this.
Another clue, is that when I tried to RDP, log in as myself and connect to rabbit I found that I could not. After troubleshooting I discovered that my cookie didn't match up with that of others who could! I replaced it with the one from c:\windows\.erlang.cookie and could then connect from cli. It seems possible like there is a cookie installed somewhere for the applicationpoolidentity but it is an incorrect cookie. What is the location where it would go?
Erlang cookies are used for internode communication, whether it is for clustering RabbitMQ or for contacting RabbitMQ via the command line using rabbitmqctl.
If you have problems with an AMQP connection, then the erlang cookie has nothing to do here.
Take a look at access control https://www.rabbitmq.com/access-control.html to see if your user is properly configured.
At the same time check the server logs to see why the connection is refused.
I'm facing an error 401 when I do a request from my application to CAS Server. I saw that this meaning that the time between the servers are different. So I found this link, showing how configure it.
I'm using spring-cas-client to do the connection between my app and CAS Server. In this example shows how to configure in the web.xml. There are a way to configure in my applicationContext-security.xml.
Tks a lot !
Only for document, I found the error. And the simplest way to fix this error is synchronize servers with the same NTP Server.