I am trying to use Keycloak in my app. I'm running Keycloak on Docker and using WildFly 20 as the application server. I use this script to start Keycloak.
version: '3'
services:
  keycloak:
    image: quay.io/keycloak/keycloak:10.0.1
    container_name: keycloak
    environment:
      DB_VENDOR: postgres
      DB_ADDR: host.docker.internal
      DB_USER: keycloak
      DB_PASSWORD: test
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: test
    ports:
      - 8079:8080
      - 8443:8443
Then I added this snippet to my standalone.xml
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
    <secure-deployment name="pato-ejb.war">
        <realm>pato</realm>
        <auth-server-url>http://localhost:8079/auth</auth-server-url>
        <ssl-required>external</ssl-required>
        <resource>pato</resource>
        <credential name="secret">password</credential>
    </secure-deployment>
</subsystem>
And security settings to my web.xml
<security-constraint>
    <web-resource-collection>
        <web-resource-name></web-resource-name>
        <description>Protects all resources</description>
        <url-pattern>*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<security-role>
    <role-name>admin</role-name>
</security-role>
<login-config>
    <auth-method>KEYCLOAK</auth-method>
    <realm-name>pato</realm-name>
</login-config>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>user/</web-resource-name>
        <url-pattern>/user/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>user</role-name>
    </auth-constraint>
</security-constraint>
<security-role>
    <role-name>user</role-name>
</security-role>
And finally I added the Keycloak jars to JBoss
folder with jars
When I started standalone.bat I immediately got this error
11:41:14,220 ERROR [org.jboss.as.controller] (Controller Boot Thread)
OPVDX001: Validation error in standalone.xml -----------------------------------
|
| 521: </subsystem>
| 522: <subsystem xmlns="urn:jboss:domain:weld:4.0"/>
| 523: <subsystem xmlns="urn:jboss:domain:keycloak:1.1">
| ^^^^ Unexpected element '{urn:jboss:domain:keycloak:1.1}subsystem'
|
| 524: <secure-deployment name="pato-ejb.war">
| 525: <realm>pato</realm>
| 526: <auth-server-url>http://localhost:8079/auth</auth-server-url>
|
| The primary underlying error message was:
| > ParseError at [row,col]:[523,9]
| > Message: Unexpected element '{urn:jboss:domain:keycloak:1.1}subsystem'
|
|-------------------------------------------------------------------------------
11:41:14,223 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
at org.jboss.as.controller#12.0.1.Final//org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
at org.jboss.as.server#12.0.1.Final//org.jboss.as.server.ServerService.boot(ServerService.java:395)
at org.jboss.as.controller#12.0.1.Final//org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:416)
at java.base/java.lang.Thread.run(Thread.java:834)
11:41:14,227 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
In the Keycloak Downloads you'll see a section for the "Client Adapters". This is a .zip or .tar.gz file that you extract into the Wildfly directory. While you have the .jar files you need, you're missing all of the module.xml files. Open up the current version and you'll see the files you need. Additionally, there are installation files that make changes to your standalone.xml to enable Keycloak. The current hierarchy looks something like:
.
├── bin
│   ├── adapter-elytron-install.cli
│   ├── adapter-elytron-install-offline.cli
│   ├── adapter-install.cli
│   └── adapter-install-offline.cli
├── docs
│   └── licenses-keycloak
│       ├── licenses.css
│       ├── licenses.html
│       ├── licenses.xml
│       ├── licenses.xsl
│       ├── org.keycloak,keycloak-adapter-core,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-adapter-spi,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-authz-client,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-common,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-core,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-jboss-adapter-core,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-undertow-adapter,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-undertow-adapter-spi,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-wildfly-adapter,12.0.1,Apache Software License 2.0.txt
│       ├── org.keycloak,keycloak-wildfly-elytron-oidc-adapter,12.0.1,Apache Software License 2.0.txt
│       └── org.keycloak,keycloak-wildfly-subsystem,12.0.1,Apache Software License 2.0.txt
└── modules
    └── system
        └── add-ons
            └── keycloak
                └── org
                    └── keycloak
                        ├── keycloak-adapter-core
                        │   └── main
                        │       ├── keycloak-adapter-core-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-adapter-spi
                        │   └── main
                        │       ├── keycloak-adapter-spi-12.0.1.jar
                        │       ├── keycloak-undertow-adapter-spi-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-adapter-subsystem
                        │   └── main
                        │       └── module.xml
                        ├── keycloak-authz-client
                        │   └── main
                        │       ├── keycloak-authz-client-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-common
                        │   └── main
                        │       ├── keycloak-common-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-core
                        │   └── main
                        │       ├── keycloak-core-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-jboss-adapter-core
                        │   └── main
                        │       ├── keycloak-jboss-adapter-core-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-undertow-adapter
                        │   └── main
                        │       ├── keycloak-undertow-adapter-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-wildfly-adapter
                        │   └── main
                        │       ├── keycloak-wildfly-adapter-12.0.1.jar
                        │       └── module.xml
                        ├── keycloak-wildfly-elytron-oidc-adapter
                        │   └── main
                        │       ├── keycloak-wildfly-elytron-oidc-adapter-12.0.1.jar
                        │       └── module.xml
                        └── keycloak-wildfly-subsystem
                            └── main
                                ├── keycloak-wildfly-subsystem-12.0.1.jar
                                └── module.xml
I'd encourage you to install Keycloak in a local environment, outside of Docker to get a feel for how this all fits together. These steps walk you through the process but basically you extract the files to the Wildfly home directory and run the appropriate script in the bin directory.
I have a ROS2 package which is failing to build. I'm following the ROS2 "Setting Up a Robot Simulation (Webots)" tutorial, and when I got to section 6 "Modify the setup.py file", I changed my file like so:
from setuptools import setup
from glob import glob

package_name = 'ad_boxtra'

setup(
    name=package_name,
    version='0.0.0',
    packages=[package_name],
    data_files=[
        ('share/ament_index/resource_index/packages',
            ['resource/' + package_name]),
        ('share/' + package_name, ['package.xml']),
        ('share/' + package_name, glob('launch/*.py')),  # include all launch files
        ('share/' + package_name, glob('resource/*.urdf')),  # include all webots-related resource files
        ('share/' + package_name + '/webots_simulation/worlds',  # include desired webots worlds
            ['worlds/adboxtra_2022_simplified.wbt']),
    ],
    install_requires=['setuptools'],
    zip_safe=True,
    maintainer='redacted',
    maintainer_email='redacted',
    description="redacted",
    license='MIT License',
    tests_require=['pytest'],
    entry_points={
        'console_scripts': [
            'my_robot_driver = ad_boxtra.my_robot_driver:main',
        ],
    },
)
I then ran colcon build with debug info from the root of my workspace and got:
user#host:~/my_ws $ colcon build --packages-select ad_boxtra --event-handlers console_direct+
Starting >>> ad_boxtra
running egg_info
writing ../../build/ad_boxtra/ad_boxtra.egg-info/PKG-INFO
writing dependency_links to ../../build/ad_boxtra/ad_boxtra.egg-info/dependency_links.txt
writing entry points to ../../build/ad_boxtra/ad_boxtra.egg-info/entry_points.txt
writing requirements to ../../build/ad_boxtra/ad_boxtra.egg-info/requires.txt
writing top-level names to ../../build/ad_boxtra/ad_boxtra.egg-info/top_level.txt
reading manifest file '../../build/ad_boxtra/ad_boxtra.egg-info/SOURCES.txt'
writing manifest file '../../build/ad_boxtra/ad_boxtra.egg-info/SOURCES.txt'
running build
running build_py
running install
running install_lib
running install_data
error: can't copy 'adboxtra_2022_simplified.wbt': doesn't exist or not a regular file
--- stderr: ad_boxtra
error: can't copy 'adboxtra_2022_simplified.wbt': doesn't exist or not a regular file
---
Failed <<< ad_boxtra [0.63s, exited with code 1]
Summary: 0 packages finished [0.70s]
1 package failed: ad_boxtra
1 package had stderr output: ad_boxtra
---
Failed <<< ad_boxtra [0.62s, exited with code 1]
Summary: 0 packages finished [0.71s]
1 package failed: ad_boxtra
1 package had stderr output: ad_boxtra
Why is this colcon build failing? If it helps, here's my directory tree:
AdBoxtra
├── ad_boxtra
│   ├── __init__.py
│   └── my_robot_driver.py
├── launch
│   └── my_robot_webots.launch.py
├── LICENSE
├── package.xml
├── README.md
├── resource
│   ├── ad_boxtra
│   └── my_robot.urdf
├── setup.cfg
├── setup.py
├── test
│   ├── test_copyright.py
│   ├── test_flake8.py
│   └── test_pep257.py
├── urdf
└── webots_simulation
    ├── controllers
    │   └── arm_sweep
    │       └── arm_sweep.py
    ├── libraries
    ├── plugins
    │   ├── physics
    │   ├── remote_controls
    │   └── robot_windows
    ├── protos
    └── worlds
        └── adboxtra_2022_simplified.wbt
27 directories, 63 files
I did observe that in the install/ directory of my workspace, it seems that share/ad_boxtra/webots_simulation/worlds/ exists, but there's no .wbt files inside it. I don't know why this is though:
$ tree ~/rover_ws/install/ad_boxtra/
/home/redacted/rover_ws/install/ad_boxtra/
├── lib
│ ├── ad_boxtra
│ │ ├── conversationalist
│ │ ├── drive_control_serial
│ │ └── turtle_ad_boxtra
│ └── python3.8
│ └── site-packages
│ ├── ad_boxtra
│ │ ├── conversationalist.py
│ │ ├── drive_control_serial.py
│ │ ├── __init__.py
│ │ ├── my_robot_driver.py
│ │ ├── __pycache__
│ │ │ ├── conversationalist.cpython-38.pyc
│ │ │ ├── drive_control_serial.cpython-38.pyc
│ │ │ ├── __init__.cpython-38.pyc
│ │ │ ├── my_robot_driver.cpython-38.pyc
│ │ │ └── turtle_ad_boxtra.cpython-38.pyc
│ │ └── turtle_ad_boxtra.py
│ └── ad_boxtra-0.0.0-py3.8.egg-info
│ ├── dependency_links.txt
│ ├── entry_points.txt
│ ├── PKG-INFO
│ ├── requires.txt
│ ├── SOURCES.txt
│ ├── top_level.txt
│ └── zip-safe
└── share
├── ad_boxtra
│ ├── drive_control.launch.py
│ ├── hook
│ │ ├── ament_prefix_path.dsv
│ │ ├── ament_prefix_path.ps1
│ │ ├── ament_prefix_path.sh
│ │ ├── pythonpath.dsv
│ │ ├── pythonpath.ps1
│ │ └── pythonpath.sh
│ ├── my_robot.urdf
│ ├── my_robot_webots.launch.py
│ ├── package.bash
│ ├── package.dsv
│ ├── package.ps1
│ ├── package.sh
│ ├── package.xml
│ ├── package.zsh
│ ├── __pycache__
│ │ └── drive_control.launch.cpython-38.pyc
│ └── webots_simulation
│ └── worlds
├── ament_index
│ └── resource_index
│ └── packages
│ └── ad_boxtra
└── colcon-core
└── packages
└── ad_boxtra
18 directories, 38 files
From the Python documentation:
data_files specifies a sequence of (directory, files) pairs in the following way...
You wrote
('share/' + package_name + '/webots_simulation/worlds',['worlds/adboxtra_2022_simplified.wbt']), but it should be ('share/' + package_name + '/webots_simulation/worlds',['adboxtra_2022_simplified.wbt']).
You could check the build folder too. Just delete build and install and try again. It could be that.
OK so I know how to remove class files from all the jars under a dir. But now I have different layers from a docker image; each layer is a tar file, and in the tar file there are the jar files.
Can I remove the class files from the jar files, packaged in tar files?
$ tree -L 3
.
├── 29e0fb8afe376cb02219c977cba1c9a80cca895f7f17b72c356f3e25a63337b9
│   ├── json
│   ├── layer.tar
│   └── VERSION
├── 3b75d6634da4d4f4932d2affeabb7454dc51ba160c3833b386c34e328da8f0ba
│   ├── amq  # <<<<< this layer is extracted already, and you can see all the jars here. Other layers are not
│   │   ├── activemq-all-5.11.0.redhat-630495.jar
│   │   ├── bin
│   │   ├── conf
│   │   ├── data
│   │   ├── docs
│   │   ├── examples
│   │   ├── lib
│   │   ├── LICENSE
│   │   ├── NOTICE
│   │   ├── README.txt
│   │   ├── webapps
│   │   └── webapps-demo
│   ├── json
│   ├── layer.tar
│   ├── temp
│   └── VERSION
├── c1fa0e994b2d29f60fd2a6caecbe1ac3f987d001903523d60e532b6e08b094f0
│   ├── json
│   ├── layer.tar
│   └── VERSION
├── c8c84a6c1be5bdfc8caafd23082fd725e84f1c9cddb98fd56cad3a62544b2a3c.json
├── ef5088f89fbac64d2d5982ba14492227f60db1221f6bfd6290c6364a2a95a7e3
│   ├── json
│   ├── layer.tar
│   └── VERSION
├── manifest.json
├── repositories
└── script.sh  # <<<<< the script is here
So you ask me why?
Well, did you hear people talking about log4j recently? :) I am doing this right now: log4j vulnerability check: how to quickly detect if log4j is used, in mavevn/in an image? "mvn dependency:tree" does not give a full picture
If someone can tell me how to remove these classes from jib maven plugin, that's better. They are from a base image and I doubt we could do that, though.
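An added sketch, not part of the original post or of any answer to it, of one way to do what the question asks for a single layer.tar without unpacking it to disk. It copies the tar member by member and rewrites any jar, including jars nested inside a fat jar, that contains the target class. The function names are hypothetical, and the choice of log4j-core's JndiLookup class as the target is an assumption, since the post only says "class files".

```python
import io
import tarfile
import zipfile

# Assumption: the class to drop is log4j-core's JNDI lookup; the post only says "class files".
TARGET = "org/apache/logging/log4j/core/lookup/JndiLookup.class"


def strip_jar(jar_bytes, target=TARGET):
    """Return (jar_bytes_without_target, removed); recurses into nested jars."""
    if not zipfile.is_zipfile(io.BytesIO(jar_bytes)):
        return jar_bytes, False
    out, removed = io.BytesIO(), False
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            if info.filename == target:
                removed = True
                continue
            data = src.read(info)
            if info.filename.endswith(".jar"):  # jar bundled inside a fat jar
                data, inner = strip_jar(data, target)
                removed = removed or inner
            dst.writestr(info, data)  # keeps each entry's name and compression
    return (out.getvalue() if removed else jar_bytes), removed


def strip_layer(src_tar, dst_tar, target=TARGET):
    """Copy one layer.tar to dst_tar, rewriting jars that contain target.

    Both arguments are binary file objects. Returns the modified jar paths.
    """
    hits = []
    with tarfile.open(fileobj=src_tar, mode="r:*") as src, \
            tarfile.open(fileobj=dst_tar, mode="w") as dst:
        for member in src:
            if not member.isfile():
                dst.addfile(member)  # directories, links, devices: header only
                continue
            data = src.extractfile(member).read()
            if member.name.endswith(".jar"):
                data, removed = strip_jar(data, target)
                if removed:
                    hits.append(member.name)
                    member.size = len(data)
            dst.addfile(member, io.BytesIO(data))
    return hits
```

Call it as `strip_layer(open("layer.tar", "rb"), open("layer.stripped.tar", "wb"))` for each layer directory. The rewritten tar has a different SHA-256 than the original layer, so any digest recorded for that layer in the image metadata no longer matches.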
What I try to achieve.
Current dir structure in a repo:
├── accounts
│   ├── dev
│   │   └── eu-west-1
│   │       ├── main.tf
│   ├── prd
│   │   ├── eu-central-1
│   │   │   ├── main.tf
│   │   ├── eu-west-1
│   │   │   ├── main.tf
│   └── stg
│       └── eu-west-1
│           ├── main.tf
I want to construct a build set like folders in Jenkins UI like this
├── MYOWNFOLDER
│   ├── dev
│   │   └── eu-west-1 <- here a builds for this region
│   │
│   ├── prd
│   │   ├── eu-central-1 <- here a builds for this region
│   │   ├── eu-west-1 <- here a builds for this region
│   └── stg
│       └── eu-west-1 <- here a builds for this region
And I need to have the possibility to run builds for a region independently.
This is the tree structure of my project:
.
├── backend-codebase
│ ├── app.js
│ ├── bin
│ │ └── www
│ ├── config.js
│ ├── db
│ │ ├── index.js
│ │ ├── repos
│ │ │ └── todos.js
│ │ └── sql
│ │ ├── index.js
│ │ └── todos
│ ├── dev
│ │ └── postgres
│ ├── index.js
│ ├── package.json
│ ├── public
│ │ ├── images
│ │ ├── javascripts
│ │ └── stylesheets
│ │ └── style.css
│ ├── routes
│ │ ├── api.js
│ │ ├── index.js
│ │ └── users.js
│ ├── scripts
│ │ ├── applyFixtures.js
│ │ ├── dev_entrypoint.sh
│ │ ├── fixtures.json
│ │ └── psql_dump.sql
│ ├── views
│ │ ├── api.ejs
│ │ ├── db.ejs
│ └── yarn.lock
├── dev
│ ├── Dockerfile-node
│ ├── Dockerfile-postgres
│ ├── development.sh
│ ├── docker-compose-common.yml
│ ├── docker-compose-dev.yml
│ └── postgres
│ ├── 12-12-2016_16_58_59.dump
...
I use docker-compose in order to create three containers and orchestrate everything:
- a node server
- a postgres DB
- a data container for the DB
plus, I created two (and a third one is missing) yaml files under /dev/docker-compose-*.yml. docker-compose-dev extends the common one and should build the images as well as run all the images.
In order to start off everything I tried to launch the following:
$ docker-compose up --file dev/docker-compose-common.yml --file dev/docker-compose-dev.yml
But what I get is this output:
Builds, (re)creates, starts, and attaches to containers for a service.
Unless they are already running, this command also starts any linked services.
The `docker-compose up` command aggregates the output of each container. When
the command exits, all cont
I really don't understand what I'm doing wrong
Silly, silly me.
It was simply the order between the arguments and the command upside-down.
Plus, I can remove the first --file argument, since it is referenced by using the extends yaml key.
docker-compose -f dev/docker-compose-dev.yml up
When I try to start erlang release prepared by relx it crashes with reason:
{"init terminating in do_boot",{badarg,[{erl_prim_loader,check_file_result,3,[]},{init,get_boot,1,[]},{init,get_boot,2,[]},{init,do_boot,3,[]}]}}
Directory listing:
├── bin
├── lib
│ ├── asn1-2.0.2
│ │ ├── ebin
│ │ ├── priv
│ │ └── src
│ ├── bear-0.8.1
│ │ ├── ebin
│ │ └── src
│ ├── cache-1.0.0
│ │ ├── ebin
│ │ ├── priv
│ │ └── src
│ ├── cberl-1
│ │ ├── c_src
│ │ ├── ebin
│ │ ├── include
│ │ ├── priv
│ │ └── src
│ ├── compiler-4.9.2
│ │ ├── ebin
│ │ └── src
│ ├── cowboy-0.8.6
│ │ ├── ebin
│ │ └── src
....................
│ ├── crypto-3.0
│ │ ├── ebin
│ │ ├── priv
│ │ │ └── lib
│ │ └── src
└── releases
└── 0.5.2
All libraries are in their own places.
I tried to start the application with the command erl -env ERL_LIBS ../libs -erlconto and it successfully started.
It seems that the problem is in the boot file, but I don't know how to approach this problem.
Any tips or way to solve, please.
Tnx!
I added
{extended_start_script, true}.
to relx.conf and the application now works!
Tnx.
This usually happens when an OTP application's .app file is missing a required dependency. relx uses the contents of .app to resolve dependencies to go into the release.
Make sure all of your release applications include, at least, kernel and stdlib in the applications tuple in .app.
Here is an example .app file listing kernel, stdlib, and elk as dependencies:
{application, prop, [
    {description, "Prop Template Generator"},
    {vsn, "0.0.1"},
    {registered, []},
    {applications, [kernel, stdlib, elk]},
    {modules, [prop, prop_otp, prop_generator]},
    {env, []}
]}.