登录密钥库后注册表无法授权

时间:2019-03-09 10:10:17

标签: jhipster jhipster-registry

我用docker compose启动Keycloak,这是我的文件:

version: '2'
services:
  keycloak:
    image: jboss/keycloak:4.8.3.Final
    command: ["-b", "0.0.0.0", "-Dkeycloak.migration.action=import", "-Dkeycloak.migration.provider=dir", "-Dkeycloak.migration.dir=/opt/jboss/keycloak/realm-config", "-Dkeycloak.migration.strategy=OVERWRITE_EXISTING", "-Djboss.socket.binding.port-offset=1000"]
    volumes:
      - ./realm-config:/opt/jboss/keycloak/realm-config
    environment:
      - KEYCLOAK_USER=admin
      - KEYCLOAK_PASSWORD=admin
      - DB_VENDOR=h2
    ports:
      - 9080:9080
      - 9443:9443
      - 10990:10990

然后我使用此配置以相同的方式启动注册表:

version: '2'
services:
    jhipster-registry:
        image: jhipster/jhipster-registry:v4.1.1
        volumes:
            - ./central-server-config:/central-config
        # When run with the "dev" Spring profile, the JHipster Registry will
        # read the config from the local filesystem (central-server-config directory)
        # When run with the "prod" Spring profile, it will read the configuration from a Git repository
        # See https://www.jhipster.tech/microservices-architecture/#registry_app_configuration
        environment:
            - _JAVA_OPTIONS=-Xmx512m -Xms256m
            - SPRING_PROFILES_ACTIVE=dev,swagger,oauth2
            - SPRING_SECURITY_USER_PASSWORD=admin
            - JHIPSTER_REGISTRY_PASSWORD=admin
            - SPRING_CLOUD_CONFIG_SERVER_COMPOSITE_0_TYPE=native
            - SPRING_CLOUD_CONFIG_SERVER_COMPOSITE_0_SEARCH_LOCATIONS=file:./central-config/localhost-config/
            # - SPRING_CLOUD_CONFIG_SERVER_COMPOSITE_0_TYPE=git
            # - SPRING_CLOUD_CONFIG_SERVER_COMPOSITE_0_URI=https://github.com/jhipster/jhipster-registry/
            # - SPRING_CLOUD_CONFIG_SERVER_COMPOSITE_0_SEARCH_PATHS=central-config
            # For keycloak to work, you need to add '127.0.0.1 keycloak' to your hosts file
            - SECURITY_OAUTH2_CLIENT_ACCESS_TOKEN_URI=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/token
            - SECURITY_OAUTH2_CLIENT_USER_AUTHORIZATION_URI=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/auth
            - SECURITY_OAUTH2_CLIENT_CLIENT_ID=jhipster-registry
            - SECURITY_OAUTH2_CLIENT_CLIENT_SECRET=jhipster-registry
            - SECURITY_OAUTH2_RESOURCE_USER_INFO_URI=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/userinfo
        ports:
            - 8761:8761

现在,当我打开以下URL:http://localhost:8761时,我将重定向到Keycloak登录页面,成功登录后,我会出现未经授权错误!

我错过了什么?

我已阅读this question,但未设置任何SSL,并且正在localhost上工作。

我找到了问题和解决方案!这导致我使用了http://localhost:9080/,实际上我必须将密钥锁添加到本地/ etc / hosts文件(127.0.0.1 localhost keycloak),然后将http://keycloak:9080/添加到注册表的docker compose文件中。一切正常。

我使用了Jhipster注册表的docker,每次它寻找验证令牌时,它都会向其本地主机发送一个请求!因此请求失败,我无法登录。

0 个答案:

没有答案
相关问题
最新问题