![](/img/trans.png)
[英]How can I serve a multi-module spring boot application in a single Docker Container?
[英]How I can get keycloak realm certs using spring boot application in docker container
這是我的 docker-compose.yml 文件:
version: "3.7"
volumes:
pgdata:
driver: local
services:
database:
container_name: postgres-realityquest-db
image: postgres:${POSTGRES_VERSION}
ports:
- "5432:5432"
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB}
- PGDATA=/var/lib/postgresql/data
volumes:
- pgdata:/var/lib/postgresql/data
app:
image: reality-quest
container_name: app
depends_on: [database, keycloak]
ports:
- "8081:8081"
keycloak:
image: jboss/keycloak
container_name: local-keycloak
ports:
- "8024:8080"
volumes:
- ./imports:/tmp/import
environment:
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=admin
command:
- "-Dkeycloak.migration.action=import"
- "-Dkeycloak.migration.provider=dir"
- "-Dkeycloak.migration.dir=/tmp/import"
這是我的 application.properties 文件:
server.port=8081
#POSTGRESSQL DATASOURCE CONFIGURATION
spring.datasource.driver-class-name=org.postgresql.Driver
spring.datasource.url=jdbc:postgresql://postgres-realityquest-db:5432/test
#spring.datasource.url=jdbc:postgresql://localhost:5432/test
spring.datasource.username=postgres
spring.datasource.password=root
#HIBERNATE CONFIGURATION
spring.jpa.hibernate.ddl-auto=validate
spring.jpa.show-sql=true
spring.main.allow-bean-definition-overriding=true
#LIQUIBASE CONFIGURATION
spring.liquibase.change-log=db/changelog/db.changelog-master.xml
#SECURITY CONFIGURATION
spring.security.filter.order=10
#RESOURCE SERVER CONFIGURATION
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://localhost:8024/auth/realms/custom-oauth2-server/protocol/openid-connect/certs
當容器運行時,我可以使用 POSTMAN 從 keycloak 成功獲取 JWT 令牌,但是當我向 API 發送請求時出現獲取錯誤:
org.springframework.security.authentication.AuthenticationServiceException: An error occurred while attempting to decode the Jwt: Couldn't retrieve remote JWK set: org.springframework.web.client.ResourceAccessException
: I/O error on GET request for "http://localhost:8024/auth/realms/custom-oauth2-server/protocol/openid-connect/certs": Connection refused; nested exception is java.net.ConnectException: Connection refused
當我沒有 docker 時,一切正常。我會很感激你的幫助
首先查看jwks_uri的url是否正確,發現是到這個url:
http://keycloakhost:keycloakport/auth/realms/{realm}/.well-known/openid-configuration
在 json 結果中,您將看到 jwks_uri
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.