Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

Re: [keycloak-user] Digest for keycloak-user@googlegroups.com - 3 updates in 1 topic

51 views
Skip to first unread message

Sreehari Tummala

unread,
Dec 6, 2024, 10:14:32 AM12/6/24
to keyclo...@googlegroups.com
Hi All,
We are seeing the following error in keycloak 23-
Failed to send email: java.lang.NullPointerException: Cannot invoke "org.keycloak.truststore.TruststoreProviderFactory.create(org.keycloak.models.KeycloakSession)" because "truststoreFactory" is null
I think we are missing some basic configuration related to truststore but, not able to figure out! 
Can any of you tell us what configuration we are missing.
thanks in advance!

On Fri, Dec 6, 2024 at 7:05 AM <keyclo...@googlegroups.com> wrote:
Kobus Bensch <ko...@yospace.com>: Dec 05 05:46AM -0800

Hi
 
I have 2 kc 24.0.2 nodes and I want to set these up on a load balancer for
roundrobin access. I have the LB and the RR working, but there is something
wrong I think with my infinispan config. I do not think the session
information is shared between the nodes.
 
I have now battling with this looking at so many websites and tried so many
things that I need to resort to asking you guys.
 
Can anybody please help?
 
Thank you
 
2 X Oracle Enterprise Linux 9.4
 
Here is my KC config on both nodes:
cache=ispn
cache-config-file=cache-ispn-tcpping.xml
cache-stack=tcp
db=postgres
db-username=keycloak
db-password=password
db-url=jdbc:postgresql://db_server:5432/keycloak
hostname=sso.company.com
hostname-strict-https=false
http-port=8080
http-relative-path=/auth
https-certificate-file=/etc/keycloak/conf/star.company.com_bundle.crt
https-certificate-key-file=/etc/keycloak/conf/star.company.com.key
https-port=8443
log=file
log-file=/var/log/keycloak/keycloak.log
log-file-format=%d{yyyy-MM-dd HH:mm:ss,SSS}
log-file-output=json
health-enabled=true
metrics-enabled=true
 
My infinispan configm looks like this:
<infinispan
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:infinispan:config:14.0
http://www.infinispan.org/schemas/infinispan-config-14.0.xsd"
xmlns="urn:infinispan:config:14.0">
 
<jgroups>
<stack name="tcpping" extends="tcp">
<TCP bind_port="7800" />
<TCPPING initial_hosts="172.16.2.101[7800],172.16.2.102[7800]"
port_range="0"
stack.combine="REPLACE"
stack.position="MPING"/>
</stack>
</jgroups>
 
<cache-container name="keycloak">
<transport lock-timeout="60000"/>
<metrics names-as-tags="true" />
<local-cache name="realms" simple-cache="true">
<encoding>
<key media-type="application/x-java-object"/>
<value media-type="application/x-java-object"/>
</encoding>
<memory max-count="10000"/>
</local-cache>
<local-cache name="users" simple-cache="true">
<encoding>
<key media-type="application/x-java-object"/>
<value media-type="application/x-java-object"/>
</encoding>
<memory max-count="10000"/>
</local-cache>
<distributed-cache name="sessions" owners="2">
<expiration lifespan="-1"/>
</distributed-cache>
<distributed-cache name="authenticationSessions" owners="2">
<expiration lifespan="-1"/>
</distributed-cache>
<distributed-cache name="offlineSessions" owners="2">
<expiration lifespan="-1"/>
</distributed-cache>
<distributed-cache name="clientSessions" owners="2">
<expiration lifespan="-1"/>
</distributed-cache>
<distributed-cache name="offlineClientSessions" owners="2">
<expiration lifespan="-1"/>
</distributed-cache>
<distributed-cache name="loginFailures" owners="2">
<expiration lifespan="-1"/>
</distributed-cache>
<local-cache name="authorization" simple-cache="true">
<encoding>
<key media-type="application/x-java-object"/>
<value media-type="application/x-java-object"/>
</encoding>
<memory max-count="10000"/>
</local-cache>
<replicated-cache name="work">
<expiration lifespan="-1"/>
</replicated-cache>
<local-cache name="keys" simple-cache="true">
<encoding>
<key media-type="application/x-java-object"/>
<value media-type="application/x-java-object"/>
</encoding>
<expiration max-idle="3600000"/>
<memory max-count="1000"/>
</local-cache>
<distributed-cache name="actionTokens" owners="2">
<encoding>
<key media-type="application/x-java-object"/>
<value media-type="application/x-java-object"/>
</encoding>
<expiration max-idle="-1" lifespan="-1" interval="300000"/>
<memory max-count="-1"/>
</distributed-cache>
</cache-container>
</infinispan>
 
I also have this in my quarkus.properties file:
quarkus.transaction-manager.enable-recovery=true
Kobus Bensch <ko...@yospace.com>: Dec 05 05:57AM -0800

The errors I am getting are:
{
"timestamp": "2024-12-05T13:54:45.511588492Z",
"sequence": 9925127,
"loggerClassName": "org.jboss.logging.Logger",
"loggerName": "org.keycloak.events",
"level": "WARN",
"message": "type=\"CODE_TO_TOKEN_ERROR\",
realmId=\"d8f93cbd-72b0-48c3-9621-dffd0cb0058e\", clientId=\"nagios\",
userId=\"null\", ipAddress=\"172.16.2.106\", error=\"invalid_code\",
grant_type=\"authorization_code\",
code_id=\"26360c10-dcd7-414b-9e2a-37570dc11f5b\",
client_auth_method=\"client-secret\"",
"threadName": "executor-thread-122",
"threadId": 131468,
"mdc": {},
"ndc": "",
"hostName": "offiikck002.internal.company.com",
"processName": "QuarkusEntryPoint",
"processId": 218527
}
 
On Thursday, 5 December 2024 at 13:46:43 UTC Kobus Bensch wrote:
 
Kobus Bensch <ko...@yospace.com>: Dec 05 05:58AM -0800

If I only have one of the servers started then it always works as it
should, but as soon as both nodes are in the LB then I get the above error.
 
On Thursday, 5 December 2024 at 13:57:13 UTC Kobus Bensch wrote:
 
You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page.
To unsubscribe from this group and stop receiving emails from it send an email to keycloak-use...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages