Keycloak issue
338 views
Skip to first unread message
Alex Kaisar
Jan 2, 2025, 1:33:12 AM1/2/25
to dcm4che
Hello all and happy new year,
I've tried to set up DCM to run w/ keycloak on Windows 11 using the docker compose which is provided below:
https://github.com/dcm4che/dcm4chee-arc-light/wiki/Run-secured-archive-services-on-a-single-host
Although i modified it a bit because i do not want to run it on https yet, i want to test the user management first.
My .yml is below:
version: "3"
services:
ldap:
image: dcm4che/slapd-dcm4chee:2.6.7-33.1
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "389:389"
- "636:636"
environment:
STORAGE_DIR: /storage/fs1
volumes:
- C:/DCM/dcm4chee-arc/ldap:/var/lib/openldap/openldap-data
- C:/DCM/dcm4chee-arc/slapd.d:/etc/openldap/slapd.d
mariadb:
image: mariadb:10.11.4
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "3308:3306" # Exposing MariaDB on port 3308 of the host
environment:
MYSQL_ROOT_PASSWORD: secret
MYSQL_DATABASE: keycloak
MYSQL_USER: keycloak
MYSQL_PASSWORD: keycloak
volumes:
- C:/DCM/dcm4chee-arc/mysql:/var/lib/mysql
keycloak:
image: dcm4che/keycloak:26.0.6
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "8080:8080" # HTTP port for Keycloak
environment:
KC_HTTPS_PORT: 8080
KC_HOSTNAME: http://localhost:8080
KC_HOSTNAME_BACKCHANNEL_DYNAMIC: 'true'
KC_BOOTSTRAP_ADMIN_USERNAME: admin
KC_BOOTSTRAP_ADMIN_PASSWORD: changeit
KC_DB: mariadb
KC_DB_URL_DATABASE: mariadb
KC_DB_URL_HOST: dcm4chee-mariadb-1
KC_DB_URL_PORT: 3306
KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: keycloak
KC_LOG: file
KEYCLOAK_LOGLEVEL: DEBUG
ARCHIVE_HOST: localhost
KEYCLOAK_WAIT_FOR: ldap:389 mariadb:3306
depends_on:
- ldap
- mariadb
volumes:
- C:/DCM/dcm4chee-arc/keycloak:/opt/keycloak/data
db:
image: dcm4che/postgres-dcm4chee:17.1-33
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "5433:5432" # Changed from 5432 to 5433 for Postgres port
environment:
POSTGRES_DB: pacsdb
POSTGRES_USER: pacs
POSTGRES_PASSWORD: pacs
volumes:
- C:/DCM/dcm4chee-arc/db:/var/lib/postgresql/data
arc:
image: dcm4che/dcm4chee-arc-psql:5.33.1-secure
ports:
- "8443:8443" # Secure HTTPS access
- "9990:9990"
- "9993:9993"
- "11112:11112"
- "2762:2762"
- "2575:2575"
- "12575:12575"
environment:
POSTGRES_DB: pacsdb
POSTGRES_USER: pacs
POSTGRES_PASSWORD: pacs
AUTH_SERVER_URL: https://keycloak:8843
UI_AUTH_SERVER_URL: https://localhost:8843
WILDFLY_CHOWN: /storage
WILDFLY_WAIT_FOR: ldap:389 db:5433 keycloak:8843
depends_on:
- ldap
- keycloak
- db
volumes:
- C:/DCM/dcm4chee-arc/wildfly:/opt/wildfly/standalone
- C:/DCM/dcm4chee-arc/storage:/storage
All the containers start just fine, but keycloak is unaccessible.
Keycloak container log below:
2024-12-28 15:43:01 /docker-entrypoint.sh: line 13: cmp: command not found
2024-12-28 15:43:01 Importing keystore /opt/keycloak/conf/keystores/cacerts.p12 to /usr/lib/jvm/java-21-amazon-corretto/lib/security/cacerts...
2024-12-28 15:43:01 Entry for alias mykey successfully imported.
2024-12-28 15:43:01 Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/build-system.properties' -> '/opt/keycloak/lib/quarkus/build-system.properties'
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/generated-bytecode.jar' -> '/opt/keycloak/lib/quarkus/generated-bytecode.jar'
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/quarkus-application.dat' -> '/opt/keycloak/lib/quarkus/quarkus-application.dat'
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/transformed-bytecode.jar' -> '/opt/keycloak/lib/quarkus/transformed-bytecode.jar'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care' -> '/opt/keycloak/themes/j4care'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login' -> '/opt/keycloak/themes/j4care/login'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources' -> '/opt/keycloak/themes/j4care/login/resources'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/css' -> '/opt/keycloak/themes/j4care/login/resources/css'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/css/styles.css' -> '/opt/keycloak/themes/j4care/login/resources/css/styles.css'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img' -> '/opt/keycloak/themes/j4care/login/resources/img'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img/favicon.ico' -> '/opt/keycloak/themes/j4care/login/resources/img/favicon.ico'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img/j4care-bg.jpg' -> '/opt/keycloak/themes/j4care/login/resources/img/j4care-bg.jpg'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img/j4care-logo.png' -> '/opt/keycloak/themes/j4care/login/resources/img/j4care-logo.png'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/theme.properties' -> '/opt/keycloak/themes/j4care/login/theme.properties'
2024-12-28 15:43:01 Waiting for ldap:389 ...
2024-12-28 15:43:01 done
2024-12-28 15:43:01 Waiting for mariadb:3306 ...
2024-12-28 15:43:01 done
2024-12-28 15:43:01 Starting Keycloak 26.0.6
2024-12-28 15:43:02 Changes detected in configuration. Updating the server image.
2024-12-28 15:43:02 Updating the configuration and installing your custom providers, if any. Please wait.
2024-12-28 15:43:05 2024-12-28 13:43:05,295 WARN [org.key.services] (build-6) KC-SERVICES0047: dcm4che-audit (org.dcm4che3.audit.keycloak.Dcm4cheEventListenerProviderFactory) is implementing the internal SPI eventsListener. This SPI is internal and may change without notice
2024-12-28 15:43:09 2024-12-28 13:43:09,469 INFO [io.qua.dep.QuarkusAugmentor] (main) Quarkus augmentation completed in 6263ms
2024-12-28 15:43:09 Server configuration updated and persisted. Run the following command to review the configuration:
2024-12-28 15:43:09
2024-12-28 15:43:09 kc.sh show-config
2024-12-28 15:43:09
2024-12-28 15:43:09 Next time you run the server, just run:
2024-12-28 15:43:09
2024-12-28 15:43:09 kc.sh start --import-realm --optimized
2024-12-28 15:43:09
Upon further inspection when i wanted to check the kc.sh config i got the following error:
bash-5.2# kc.sh show-config
Exception in thread "main" java.nio.file.NoSuchFileException: /opt/keycloak/lib/quarkus/quarkus-application.dat
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:261)
at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:420)
at java.base/java.nio.file.Files.newInputStream(Files.java:159)
at io.quarkus.bootstrap.runner.QuarkusEntryPoint.doRun(QuarkusEntryPoint.java:53)
at io.quarkus.bootstrap.runner.QuarkusEntryPoint.main(QuarkusEntryPoint.java:33)
I do not know if this is a configuration issue or keycloak image issue and would appreciate any and all help.
Thanks in advance and happy new and productive year to everyone!
I've tried to set up DCM to run w/ keycloak on Windows 11 using the docker compose which is provided below:
https://github.com/dcm4che/dcm4chee-arc-light/wiki/Run-secured-archive-services-on-a-single-host
Although i modified it a bit because i do not want to run it on https yet, i want to test the user management first.
My .yml is below:
version: "3"
services:
ldap:
image: dcm4che/slapd-dcm4chee:2.6.7-33.1
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "389:389"
- "636:636"
environment:
STORAGE_DIR: /storage/fs1
volumes:
- C:/DCM/dcm4chee-arc/ldap:/var/lib/openldap/openldap-data
- C:/DCM/dcm4chee-arc/slapd.d:/etc/openldap/slapd.d
mariadb:
image: mariadb:10.11.4
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "3308:3306" # Exposing MariaDB on port 3308 of the host
environment:
MYSQL_ROOT_PASSWORD: secret
MYSQL_DATABASE: keycloak
MYSQL_USER: keycloak
MYSQL_PASSWORD: keycloak
volumes:
- C:/DCM/dcm4chee-arc/mysql:/var/lib/mysql
keycloak:
image: dcm4che/keycloak:26.0.6
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "8080:8080" # HTTP port for Keycloak
environment:
KC_HTTPS_PORT: 8080
KC_HOSTNAME: http://localhost:8080
KC_HOSTNAME_BACKCHANNEL_DYNAMIC: 'true'
KC_BOOTSTRAP_ADMIN_USERNAME: admin
KC_BOOTSTRAP_ADMIN_PASSWORD: changeit
KC_DB: mariadb
KC_DB_URL_DATABASE: mariadb
KC_DB_URL_HOST: dcm4chee-mariadb-1
KC_DB_URL_PORT: 3306
KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: keycloak
KC_LOG: file
KEYCLOAK_LOGLEVEL: DEBUG
ARCHIVE_HOST: localhost
KEYCLOAK_WAIT_FOR: ldap:389 mariadb:3306
depends_on:
- ldap
- mariadb
volumes:
- C:/DCM/dcm4chee-arc/keycloak:/opt/keycloak/data
db:
image: dcm4che/postgres-dcm4chee:17.1-33
logging:
driver: json-file
options:
max-size: "10m"
ports:
- "5433:5432" # Changed from 5432 to 5433 for Postgres port
environment:
POSTGRES_DB: pacsdb
POSTGRES_USER: pacs
POSTGRES_PASSWORD: pacs
volumes:
- C:/DCM/dcm4chee-arc/db:/var/lib/postgresql/data
arc:
image: dcm4che/dcm4chee-arc-psql:5.33.1-secure
ports:
- "8443:8443" # Secure HTTPS access
- "9990:9990"
- "9993:9993"
- "11112:11112"
- "2762:2762"
- "2575:2575"
- "12575:12575"
environment:
POSTGRES_DB: pacsdb
POSTGRES_USER: pacs
POSTGRES_PASSWORD: pacs
AUTH_SERVER_URL: https://keycloak:8843
UI_AUTH_SERVER_URL: https://localhost:8843
WILDFLY_CHOWN: /storage
WILDFLY_WAIT_FOR: ldap:389 db:5433 keycloak:8843
depends_on:
- ldap
- keycloak
- db
volumes:
- C:/DCM/dcm4chee-arc/wildfly:/opt/wildfly/standalone
- C:/DCM/dcm4chee-arc/storage:/storage
All the containers start just fine, but keycloak is unaccessible.
Keycloak container log below:
2024-12-28 15:43:01 /docker-entrypoint.sh: line 13: cmp: command not found
2024-12-28 15:43:01 Importing keystore /opt/keycloak/conf/keystores/cacerts.p12 to /usr/lib/jvm/java-21-amazon-corretto/lib/security/cacerts...
2024-12-28 15:43:01 Entry for alias mykey successfully imported.
2024-12-28 15:43:01 Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/build-system.properties' -> '/opt/keycloak/lib/quarkus/build-system.properties'
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/generated-bytecode.jar' -> '/opt/keycloak/lib/quarkus/generated-bytecode.jar'
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/quarkus-application.dat' -> '/opt/keycloak/lib/quarkus/quarkus-application.dat'
2024-12-28 15:43:01 '/docker-entrypoint.d/quarkus/transformed-bytecode.jar' -> '/opt/keycloak/lib/quarkus/transformed-bytecode.jar'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care' -> '/opt/keycloak/themes/j4care'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login' -> '/opt/keycloak/themes/j4care/login'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources' -> '/opt/keycloak/themes/j4care/login/resources'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/css' -> '/opt/keycloak/themes/j4care/login/resources/css'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/css/styles.css' -> '/opt/keycloak/themes/j4care/login/resources/css/styles.css'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img' -> '/opt/keycloak/themes/j4care/login/resources/img'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img/favicon.ico' -> '/opt/keycloak/themes/j4care/login/resources/img/favicon.ico'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img/j4care-bg.jpg' -> '/opt/keycloak/themes/j4care/login/resources/img/j4care-bg.jpg'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/resources/img/j4care-logo.png' -> '/opt/keycloak/themes/j4care/login/resources/img/j4care-logo.png'
2024-12-28 15:43:01 '/docker-entrypoint.d/themes/j4care/login/theme.properties' -> '/opt/keycloak/themes/j4care/login/theme.properties'
2024-12-28 15:43:01 Waiting for ldap:389 ...
2024-12-28 15:43:01 done
2024-12-28 15:43:01 Waiting for mariadb:3306 ...
2024-12-28 15:43:01 done
2024-12-28 15:43:01 Starting Keycloak 26.0.6
2024-12-28 15:43:02 Changes detected in configuration. Updating the server image.
2024-12-28 15:43:02 Updating the configuration and installing your custom providers, if any. Please wait.
2024-12-28 15:43:05 2024-12-28 13:43:05,295 WARN [org.key.services] (build-6) KC-SERVICES0047: dcm4che-audit (org.dcm4che3.audit.keycloak.Dcm4cheEventListenerProviderFactory) is implementing the internal SPI eventsListener. This SPI is internal and may change without notice
2024-12-28 15:43:09 2024-12-28 13:43:09,469 INFO [io.qua.dep.QuarkusAugmentor] (main) Quarkus augmentation completed in 6263ms
2024-12-28 15:43:09 Server configuration updated and persisted. Run the following command to review the configuration:
2024-12-28 15:43:09
2024-12-28 15:43:09 kc.sh show-config
2024-12-28 15:43:09
2024-12-28 15:43:09 Next time you run the server, just run:
2024-12-28 15:43:09
2024-12-28 15:43:09 kc.sh start --import-realm --optimized
2024-12-28 15:43:09
Upon further inspection when i wanted to check the kc.sh config i got the following error:
bash-5.2# kc.sh show-config
Exception in thread "main" java.nio.file.NoSuchFileException: /opt/keycloak/lib/quarkus/quarkus-application.dat
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:261)
at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:420)
at java.base/java.nio.file.Files.newInputStream(Files.java:159)
at io.quarkus.bootstrap.runner.QuarkusEntryPoint.doRun(QuarkusEntryPoint.java:53)
at io.quarkus.bootstrap.runner.QuarkusEntryPoint.main(QuarkusEntryPoint.java:33)
I do not know if this is a configuration issue or keycloak image issue and would appreciate any and all help.
Thanks in advance and happy new and productive year to everyone!
Marius S
Jan 3, 2025, 11:28:57 AM1/3/25
to dcm4che
I was not able to start keycloak:26.0.6 as well. I have used keycloak:25.0.6 image and it worked fine.
Also I am confused about these parameters:
KC_BOOTSTRAP_ADMIN_USERNAME: admin
KC_BOOTSTRAP_ADMIN_PASSWORD: changeit
Because when keycloak:25.0.6 started and I tried to access admin realm it says that you need to have these environment variables provided:
KEYCLOAK_ADMIN:
KEYCLOAK_ADMIN_PASSWORD
So I do not understand what is the point of KC_BOOTSTRAP_ADMIN_USERNAME KC_BOOTSTRAP_ADMIN_PASSWORD variables.
Also I am confused about these parameters:
KC_BOOTSTRAP_ADMIN_USERNAME: admin
KC_BOOTSTRAP_ADMIN_PASSWORD: changeit
Because when keycloak:25.0.6 started and I tried to access admin realm it says that you need to have these environment variables provided:
KEYCLOAK_ADMIN:
KEYCLOAK_ADMIN_PASSWORD
So I do not understand what is the point of KC_BOOTSTRAP_ADMIN_USERNAME KC_BOOTSTRAP_ADMIN_PASSWORD variables.
M.
Luc Bénéchet
Jan 20, 2025, 5:14:51 PM1/20/25
to dcm4che
Same error on my side.
in same time, I see this error:
[Warning] Aborted connection 3 to db: 'unconnected' user: 'unauthenticated' host: '172.18.0.5'
How to be sure the JDK version? is 23?
Reply all
Reply to author
Forward
0 new messages