Skip to content

Kafka Server Startup Failure with Keycloak OAuth Server  #233

New issue
New issue
Open
Open
Kafka Server Startup Failure with Keycloak OAuth Server #233
@zzhu158

Description

@zzhu158
zzhu158
opened on Mar 20, 2024 · edited by zzhu158

I've encountered an issue when using compose-authz.yml with Keycloak OAuth server. The error message in the log shows that the POST request to get the OAuth token fails with a 404 status code:
[2024-03-20 21:39:29,536] DEBUG loginWithClientSecret() - tokenEndpointUrl: http://keycloak:8080/auth/realms/kafka-authz/protocol/openid-connect/token, clientId: kafka, clientSecret: k*********, scope: null, audience: null, connectTimeout: 60, readTimeout: 60, retries: 0, retryPauseMillis: 0 (io.strimzi.kafka.oauth.common.OAuthAuthenticator) kafka | [2024-03-20 21:39:29,557] INFO Action failed on try no. 1 (io.strimzi.kafka.oauth.common.HttpUtil) kafka | io.strimzi.kafka.oauth.common.HttpException: POST request to http://keycloak:8080/auth/realms/kafka-authz/protocol/openid-connect/token failed with status 404: {"error":"Unable to find matching target resource method"}
I checked to see if Keycloak was working properly, when clicking on the "Admin Console" it shows "Loading" but couldn't be completed.
image
Can someone please look into the Keycloak configuration?

Steps to reproduce
1.Go to examples/docker/kafka-oauth-strimzi/compose-authz.yml
2.run ```
docker-compose -f compose.yml -f keycloak/compose.yml -f keycloak-import/compose.yml
-f kafka-oauth-strimzi/compose-authz.yml up --build
3. Login to Keycloak, and clicking Keycloak Admin Console, it will show the issue

Activity

zzhu158
mentioned this on Mar 20, 2024
mstruk

mstruk commented on Mar 25, 2024

@mstruk
mstruk
on Mar 25, 2024
Contributor

Please, try to use Strimzi Kafka OAuth 0.15.0.
There have been changes in the examples, the Keycloak version is now the latest or very recent, and keycloak-import is no longer there.

flo-kn

flo-kn commented on Apr 22, 2024

@flo-kn
flo-kn
on Apr 22, 2024

Had the same (got the same screen as in @zzhu158's screenshot).

  1. Following this one examples/docker/README.md

  2. Then this examples/docker/README.md#running-with-keycloak

    docker-compose -f compose.yml -f kafka-oauth-strimzi/compose.yml -f keycloak/compose.yml up --build

    Pretty sure I am using version 0.15.0 where ever possible.

What fixed it for me:
Adjusting the hostname in the browser keycloak instead of localhost:

https://keycloak:8443/admin/master/console/

vs.

https://localhost:8443/admin/master/console/ ⛔️

mstruk

mstruk commented on Apr 22, 2024

@mstruk
mstruk
on Apr 22, 2024
Contributor

Thanks for the info. It's something that has been a problem with the updated version of Keycloak. I guess it needs to be clearly communicated in the examples README.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

      Participants

      @mstruk@flo-kn@zzhu158

      Issue actions
        Kafka Server Startup Failure with Keycloak OAuth Server · Issue #233 · strimzi/strimzi-kafka-oauth