问题描述:

I'm trying to get the tomcat8-keycloak-adapter to accept basic auth as specified in the documentation, by setting enable-basic-auth to true. Instead of working or failing, as expected, this causes the thread to hang until HTTP times out.

Using tcpdump to snoop the HTTP connection between the tomcat adapter and the keycloak server shows that it is never sending the HTTP request. I can find no information about this on the internet, so I am down to the actual point of asking: does "enable-basic-auth" actually work in the tomcat adapter?

Note that I am using keycloak v1.9.8 and matching adpater 1.9.8. adaptever v2.0.0 appears to have difficulty starting up at this time, and we are still using the 1.9 keycloak in production. keycloak is the official docker image, tomcat is manually installed into the official tomcat8 docker image, using jre8.

网友答案:

It works for me in a Jetty setup. A hanging request indicates a networking problem to me. You question indicates that you are using docker.

The Tomcat inside its docker container needs to contact Keycloak as configured by the URL auth-server-url in the file keycloak.json.

I suspect that the Tomcat can't reach this URL. Please try to reach the URL as stated in keycloak.json from within the Tomcat's docker container, for example via curl --verbose ...

相关阅读:
Top