gravitee and keycloak integration problem. error connection refused


I'm trying to integrate Keycloak with Gravitee, and I get a connection refused error when trying to log in with Keycloak.

everything is running on docker container

heres my docker config

#
# Copyright (C) 2015 The Gravitee team (http://gravitee.io)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Compose file-format version. Current Docker Compose releases (Compose
# Specification) treat this key as informational only.
version: "3.5"

# Two user-defined networks. Containers attached to the same network can reach
# each other by service name on the container port; they cannot reach services
# on a network they are not attached to.
networks:
  # Shared by the gateway, the management API, both UIs and Keycloak.
  frontend:
    name: frontend
  # Shared by the data stores (MongoDB, Elasticsearch, Postgres) and the
  # services that connect to them.
  storage:
    name: storage

services:
  # MongoDB store used by the gateway and the management API (see their
  # gravitee_*_mongodb_uri settings). No port is published and no credentials
  # are configured here, so attachment to the `storage` network is the only
  # access control: any container on that network can connect unauthenticated.
  mongodb:
    image: mongo:${MONGODB_VERSION:-6.0.8}
    container_name: gio_apim_mongodb
    restart: always
    volumes:
      # Database files persist on the host under ./gravitee/mongodb/data.
      - ./gravitee/mongodb/data:/data/db
    networks:
      - storage

  # Single-node Elasticsearch used for gateway reporting and management
  # analytics. No port is published; it is reachable only from the `storage`
  # network.
  elasticsearch-apim:
    # ELASTIC_VERSION is not set in the env file shown with this compose file,
    # so the 7.0.0 default applies. NOTE(review): that is the first 7.x
    # release; later 7.x releases carry security fixes - confirm the pin.
    image: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION:-7.0.0}
    container_name: gio_apim_elasticsearch
    restart: always
    volumes:
      - ./gravitee/elasticsearch/data:/usr/share/elasticsearch/data
    environment:
      # Listen on all container interfaces for HTTP and transport traffic.
      - http.host=0.0.0.0
      - transport.host=0.0.0.0
      # Authentication and TLS are switched off: every container on `storage`
      # can read and write all indices. Acceptable only because nothing is
      # published to the host.
      - xpack.security.enabled=false
      - cluster.name=elasticsearch
      # Lock the JVM heap in RAM; needs the unlimited memlock ulimit below.
      - bootstrap.memory_lock=true
      - discovery.type=single-node
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile: 65536
    networks:
      - storage

  # Gravitee APIM gateway: the API traffic entry point.
  gateway:
    image: graviteeio/apim-gateway:${APIM_VERSION:-4}
    container_name: gio_apim_gateway
    restart: always
    ports:
      # Published on every host interface. Prefix with 127.0.0.1: if the
      # gateway should only be reachable from the Docker host itself.
      - "8082:8082"
    depends_on:
      # Start-order only: no health condition is given, so the gateway may
      # start before MongoDB or Elasticsearch accept connections.
      - mongodb
      - elasticsearch-apim
    volumes:
      - ./gravitee/apim-gateway/logs:/opt/graviteeio-gateway/logs
      # Extra plugins are loaded from a host directory; anything placed there
      # runs inside the gateway, so keep that directory write-protected.
      - ./gravitee/apim-gateway/plugins:/opt/graviteeio-gateway/plugins-ext
    environment:
      # In-network addresses (service name + container port). The MongoDB URIs
      # carry no credentials, matching the unauthenticated mongodb service.
      - gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
      - gravitee_ratelimit_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
      - gravitee_reporters_elasticsearch_endpoints_0=http://elasticsearch-apim:9200
      - gravitee_plugins_path_0=/opt/graviteeio-gateway/plugins
      - gravitee_plugins_path_1=/opt/graviteeio-gateway/plugins-ext
    networks:
      - storage
      - frontend

  # Gravitee APIM management API. The stack trace in the question shows this
  # container making the OAuth2 authorization-code exchange itself
  # (OAuth2AuthenticationResource.exchangeAuthorizationCode), so that request
  # originates inside this container, not in the browser.
  # NOTE(review): inside this container `localhost` is the container itself
  # and host port 8890 is not listening there. If the identity provider's
  # token or user-info endpoints are configured with a localhost:8890 URL, the
  # call will be refused; over the shared `frontend` network Keycloak is at
  # http://keycloak:8080 - confirm against the identity provider settings.
  management_api:
    image: graviteeio/apim-management-api:${APIM_VERSION:-4}
    container_name: gio_apim_management_api
    restart: always
    ports:
      # Published on every host interface over plain HTTP.
      - "8083:8083"
    depends_on:
      # Start-order only; no readiness condition on either store.
      - mongodb
      - elasticsearch-apim
    volumes:
      - ./gravitee/apim-management-api/logs:/opt/graviteeio-management-api/logs
      # Plugins from this host directory run inside the management API.
      - ./gravitee/apim-management-api/plugins:/opt/graviteeio-management-api/plugins-ext
    environment:
      # In-network addresses; the MongoDB URI carries no credentials.
      - gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
      - gravitee_analytics_elasticsearch_endpoints_0=http://elasticsearch-apim:9200
      - gravitee_plugins_path_0=/opt/graviteeio-management-api/plugins
      - gravitee_plugins_path_1=/opt/graviteeio-management-api/plugins-ext
    networks:
      - storage
      - frontend

  # Gravitee management console, served on host port 8084.
  management_ui:
    image: graviteeio/apim-management-ui:${APIM_VERSION:-4}
    container_name: gio_apim_management_ui
    restart: always
    ports:
      - "8084:8080"
    depends_on:
      - management_api
    environment:
      # Points at the management API's published host port (8083), not at the
      # in-network service name. Presumably this URL is used by the browser on
      # the Docker host - confirm. It is plain HTTP, so console credentials and
      # tokens cross it unencrypted.
      - MGMT_API_URL=http://localhost:8083/management/organizations/DEFAULT/environments/DEFAULT/
    volumes:
      - ./gravitee/apim-management-ui/logs:/var/log/nginx
    networks:
      - frontend

  # Gravitee developer portal, served on host port 8085.
  portal_ui:
    image: graviteeio/apim-portal-ui:${APIM_VERSION:-4}
    container_name: gio_apim_portal_ui
    restart: always
    ports:
      - "8085:8080"
    depends_on:
      - management_api
    environment:
      # Points at the management API's published host port (8083) over plain
      # HTTP. Presumably resolved by the browser on the Docker host - confirm.
      - PORTAL_API_URL=http://localhost:8083/portal/environments/DEFAULT
    volumes:
      - ./gravitee/apim-portal-ui/logs:/var/log/nginx
    networks:
      - frontend

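  # Keycloak identity provider, backed by the `postgres` service.
  # It is reachable in two different ways, and the two are not interchangeable:
  #   - from a browser on the Docker host: http://localhost:8890
  #   - from other containers on `frontend`: http://keycloak:8080
  # Server-to-server OAuth2 calls (token, user info) made by another container
  # must use the second form; localhost:8890 does not exist inside containers.
  keycloak:
    # KEYCLOAK_VERSION has no default here; it must come from the env file.
    image: quay.io/keycloak/keycloak:${KEYCLOAK_VERSION}
    # Development mode: serves plain HTTP with relaxed hostname settings. Use
    # `start` with TLS and a fixed hostname for anything beyond local testing.
    command: start-dev
    depends_on:
      postgres:
        # Waits for the postgres healthcheck to report healthy, so this is
        # only as reliable as that healthcheck.
        condition: service_healthy
    container_name: local_keycloak
    environment:
      # Database and bootstrap-admin credentials are injected from the env
      # file; keep that file out of version control.
      - KC_DB=${KC_DB}
      - KC_DB_URL_HOST=${KC_DB_URL_HOST}
      - KC_DB_URL_DATABASE=${KC_DB_URL_DATABASE}
      - KC_DB_USERNAME=${KC_DB_USERNAME}
      - KC_DB_PASSWORD=${KC_DB_PASSWORD}
      - KC_DB_SCHEMA=${KC_DB_SCHEMA}
      - KEYCLOAK_ADMIN=${KEYCLOAK_ADMIN}
      - KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
    ports:
      # Published on every host interface, which includes the admin console.
      - "8890:8080"
    restart: unless-stopped
    networks:
      # `storage` to reach postgres, `frontend` to be reachable by Gravitee.
      - storage
      - frontend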

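  # PostgreSQL database for Keycloak. Keycloak connects over the `storage`
  # network at postgres:5432; the published port below is only for tooling on
  # the Docker host.
  postgres:
    # POSTGRESQL_VERSION has no default here; it must come from the env file.
    image: postgres:${POSTGRESQL_VERSION}
    volumes:
      - ./keycloak/postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: ${POSTGRESQL_DB}
      POSTGRES_USER: ${POSTGRESQL_USER}
      POSTGRES_PASSWORD: ${POSTGRESQL_PASS}
    healthcheck:
      # Probe the server itself. The previous `exit 0` always succeeded, so
      # Keycloak's `condition: service_healthy` never actually waited for the
      # database. `$$` defers expansion to the shell inside the container.
      test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
      interval: 5s
      timeout: 5s
      retries: 10
    ports:
      # The image listens on 5432 and nothing here changes that, so the old
      # container port 5433 pointed at nothing. Bound to loopback so the
      # database is not offered on every host interface.
      - "127.0.0.1:5456:5432"
    networks:
      - storage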

and my env file:

# Values substituted into the ${...} references of the compose file.
MONGODB_VERSION=6.0.8
# Overrides the compose file's default APIM image tag of 4.
# NOTE(review): 3.5 is also the compose file-format version string; confirm
# that this is the intended APIM release.
APIM_VERSION=3.5

KEYCLOAK_VERSION=22.0
KC_DB=postgres
# Postgres is addressed by its compose service name.
KC_DB_URL_HOST=postgres
KC_DB_URL_DATABASE=keycloakdb
KC_DB_USERNAME=keycloak
# Must match POSTGRESQL_PASS below. Guessable value: replace it before the
# database is reachable from anywhere but this machine.
KC_DB_PASSWORD=password
KC_DB_SCHEMA=public
# Bootstrap admin account for the Keycloak console, which the compose file
# publishes on host port 8890. admin/admin is a guessable pair: replace it,
# and keep this file out of version control.
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=admin

POSTGRESQL_VERSION=15.4
POSTGRESQL_DB=keycloakdb
POSTGRESQL_USER=keycloak
# Guessable value; see KC_DB_PASSWORD above.
POSTGRESQL_PASS=password

this is what it calls after i fill in my login details to window that opens enter image description here

heres request payload: enter image description here

After checking the logs, the Gravitee management API shows this error:

gio_apim_management_api | 05:45:34.694 [gravitee-listener-50] ERROR i.g.r.a.m.r.provider.ThrowableMapper - Internal error
gio_apim_management_api | javax.ws.rs.ProcessingException: java.net.ConnectException: Connection refused (Connection refused)
gio_apim_management_api |       at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:261)
gio_apim_management_api |       at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:296)
gio_apim_management_api |       at org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$0(JerseyInvocation.java:609)
gio_apim_management_api |       at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
gio_apim_management_api |       at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
gio_apim_management_api |       at org.glassfish.jersey.internal.Errors.process(Errors.java:205)
gio_apim_management_api |       at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:390)
gio_apim_management_api |       at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:608)
gio_apim_management_api |       at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:421)
gio_apim_management_api |       at org.glassfish.jersey.client.JerseyInvocation$Builder.post(JerseyInvocation.java:327)
gio_apim_management_api |       at io.gravitee.rest.api.management.rest.resource.auth.OAuth2AuthenticationResource.exchangeAuthorizationCode(OAuth2AuthenticationResource.java:222)
gio_apim_management_api |       at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
gio_apim_management_api |       at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
gio_apim_management_api |       at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
gio_apim_management_api |       at java.base/java.lang.reflect.Method.invoke(Unknown Source)

Heres my gravitee identity provider settings: enter image description here

this setting i also see in gravitee identity provider settings, but this address is impossible to change enter image description here

let me know if you need more info. like client settings or realm settings

thanks -Toni


There are 1 best solutions below

drino On

Your client is a private Client, you should provide "Client Secret", which I cannot see in your env file or anywhere else.