Tomcat 9 Adapter - Java 11 support
246 views
Skip to first unread message
Joeri Meijer
Sep 14, 2021, 4:54:53 AM9/14/21
to Keycloak User
Hello,
We are busy implementing the tomcat keycloak adapter and discovered an unusual issue when changing the JRE from Java 8 to Java 11.
From my own research I think this is caused by the Apache HttpClient. This changelog mentions that Java 11 compatibility was only added in 5.0 (CTRL+F for 'JDK 11 compatibility'), while the tomcat adapter still uses 4.15.3.
Is Java 11 officially unsupported for the tomcat adapter, or is this some other issue?
This is the error that was caused:
13-Sep-2021 15:16:28.762 INFO [http-nio-8080-exec-2] org.apache.http.impl.client.DefaultHttpClient.tryExecute I/O exception (org.apache.http.NoHttpResponseException) caught when processing request to {s}-> https://<url>:443: The target server failed to respond
13-Sep-2021 15:16:28.762 INFO [http-nio-8080-exec-2] org.apache.http.impl.client.DefaultHttpClient.tryExecute Retrying request to {s}->https://<url>:443:
13-Sep-2021 15:16:28.805 INFO [http-nio-8080-exec-2] org.apache.http.impl.client.DefaultHttpClient.tryExecute I/O exception (org.apache.http.NoHttpResponseException) caught when processing request to {s}-> https://<url>:443: The target server failed to respond
13-Sep-2021 15:16:28.805 INFO [http-nio-8080-exec-2] org.apache.http.impl.client.DefaultHttpClient.tryExecute Retrying request to {s}->https://<url>:443:
13-Sep-2021 15:16:28.840 INFO [http-nio-8080-exec-2] org.apache.http.impl.client.DefaultHttpClient.tryExecute I/O exception (org.apache.http.NoHttpResponseException) caught when processing request to {s}->https://<url>:443: The target server failed to respond
13-Sep-2021 15:16:28.840 INFO [http-nio-8080-exec-2] org.apache.http.impl.client.DefaultHttpClient.tryExecute Retrying request to {s}->https://<url>:443
13-Sep-2021 15:16:28.895 WARN [http-nio-8080-exec-2] org.keycloak.adapters.KeycloakDeployment.resolveUrls Failed to load URLs from https://<url>/auth/realms/<realm>/.well-known/openid-configuration
org.apache.http.NoHttpResponseException: <url>:443 failed to respond
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:141)
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:56)
at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:259)
at org.apache.http.impl.AbstractHttpClientConnection.receiveResponseHeader(AbstractHttpClientConnection.java:294)
at org.apache.http.impl.conn.DefaultClientConnection.receiveResponseHeader(DefaultClientConnection.java:257)
at org.apache.http.impl.conn.AbstractClientConnAdapter.receiveResponseHeader(AbstractClientConnAdapter.java:230)
at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:273)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125)
at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:679)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:481)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:835)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
at org.keycloak.adapters.KeycloakDeployment.getOidcConfiguration(KeycloakDeployment.java:230)
at org.keycloak.adapters.KeycloakDeployment.resolveUrls(KeycloakDeployment.java:182)
at org.keycloak.adapters.KeycloakDeployment.getAuthUrl(KeycloakDeployment.java:251)
at org.keycloak.adapters.OAuthRequestAuthenticator.getRedirectUri(OAuthRequestAuthenticator.java:175)
at org.keycloak.adapters.OAuthRequestAuthenticator.loginRedirect(OAuthRequestAuthenticator.java:213)
at org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(OAuthRequestAuthenticator.java:275)
at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:138)
at org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.authenticateInternal(AbstractKeycloakAuthenticatorValve.java:203)
at org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve.authenticate(KeycloakAuthenticatorValve.java:50)
at org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve.doAuthenticate(KeycloakAuthenticatorValve.java:57)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:632)
at org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.invoke(AbstractKeycloakAuthenticatorValve.java:181)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1726)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)
Along with this one in the tomcat log:
13-Sep-2021 15:16:28.896 SEVERE [http-nio-8080-exec-2] org.apache.catalina.core.StandardHostValve.invoke Exception Processing /<application-name>/
java.lang.NullPointerException
at org.keycloak.adapters.OAuthRequestAuthenticator.getRedirectUri(OAuthRequestAuthenticator.java:175)
at org.keycloak.adapters.OAuthRequestAuthenticator.loginRedirect(OAuthRequestAuthenticator.java:213)
at org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(OAuthRequestAuthenticator.java:275)
at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:138)
at org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.authenticateInternal(AbstractKeycloakAuthenticatorValve.java:203)
at org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve.authenticate(KeycloakAuthenticatorValve.java:50)
at org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve.doAuthenticate(KeycloakAuthenticatorValve.java:57)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:632)
at org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.invoke(AbstractKeycloakAuthenticatorValve.java:181)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1726)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)
Kind regards,
Joeri Meijer
Qlip B.V.
Niko Köbler
Sep 15, 2021, 2:06:07 AM9/15/21
to Keycloak User
One of my customers is using Tomcat 9 with Keycloak adapter with Java 11 for long, without problems.
Since Keycloak 13 they are also using Java 16 with Tomcat 9 successfully.
- Niko
Reply all
Reply to author
Forward
0 new messages