Help

Alfresco content comunity cannot started after keycloak integration

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
ayatullah
Member II
‎23 Sep 2021 9:43 AM

Alfresco content comunity cannot started after keycloak integration

@afaust

Hello,

I run keycloak using docker as below

docker run -p 8888:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:15.0.2

then add keycloak configuration to alfresco docker-compose as below

# This docker-compose file will spin up an ACS cluster on a local host or on a server and it requires a minimum of 12GB Memory to distribute among containers.
# Limit container memory and assign X percentage to JVM.  There are couple of ways to allocate JVM Memory for ACS Containers
# For example: 'JAVA_OPTS: "$JAVA_OPTS -XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap"'
# See Oracle docs (https://docs.oracle.com/javase/9/gctuning/parallel-collector1.htm#JSGCT-GUID-CAB83393-3438-44ED-98F0-D15641B43C7D).
# If the container memory is not explicitly set then the flags above will set the max heap default to 1/4 of the container's memory, which may not be ideal.
# For performance tuning, assign the container memory and give a percentage of it to the JVM.

# Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose
version: "2"

services:
    alfresco:
        image: alfresco/alfresco-content-repository-community:7.0.0
        mem_limit: 1500m
        environment:
            JAVA_TOOL_OPTIONS: "
                -Dencryption.keystore.type=JCEKS
                -Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding
                -Dencryption.keyAlgorithm=DESede
                -Dencryption.keystore.location=/usr/local/tomcat/shared/classes/alfresco/extension/keystore/keystore
                -Dmetadata-keystore.password=mp6yc0UD9e
                -Dmetadata-keystore.aliases=metadata
                -Dmetadata-keystore.metadata.password=oKIWzVdEdA
                -Dmetadata-keystore.metadata.algorithm=DESede
                "
            JAVA_OPTS: "
                -Ddb.driver=org.postgresql.Driver
                -Ddb.username=alfresco
                -Ddb.password=alfresco
                -Ddb.url=jdbc:postgresql://postgres:5432/alfresco
                -Dsolr.host=solr6
                -Dsolr.port=8983
                -Dsolr.http.connection.timeout=1000
                -Dsolr.secureComms=none
                -Dsolr.base.url=/solr
                -Dindex.subsystem.name=solr6
                -Dshare.host=127.0.0.1
                -Dshare.port=8080
                -Dalfresco.host=localhost
                -Dalfresco.port=8080
                -Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos
                -Dmessaging.broker.url=\"failover:(nio://activemq:61616)?timeout=3000&jms.useCompression=true\"
                -Ddeployment.method=DOCKER_COMPOSE
                -DlocalTransform.core-aio.url=http://transform-core-aio:8090/
                -Dcsrf.filter.enabled=false
                -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80
                -Dauthentication.chain=identity-service1:identity-service,alfrescoNtlm1:alfrescoNtlm
                -Didentity-service.authentication.enabled=true
                -Didentity-service.enable-basic-auth=true
                -Didentity-service.authentication.defaultAdministratorUserNames=admin
                -Didentity-service.authentication.validation.failure.silent=false
                -Didentity-service.auth-server-url=http://localhost:8888/auth
                -Didentity-service.realm=master
                -Didentity-service.resource=master-client
                -Didentity-service.public-client=true
                -Didentity-service.ssl-required=none
                "

    transform-core-aio:
        image: alfresco/alfresco-transform-core-aio:2.3.10
        mem_limit: 1536m
        environment:
            JAVA_OPTS: " -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"
        ports:
            - 8090:8090

    share:
        image: alfresco/alfresco-share:7.0.0
        mem_limit: 1g
        environment:
            REPO_HOST: "alfresco"
            REPO_PORT: "8080"
            JAVA_OPTS: "
                -XX:MinRAMPercentage=50
                -XX:MaxRAMPercentage=80
                -Dalfresco.host=localhost
                -Dalfresco.port=8080
                -Dalfresco.context=alfresco
                -Dalfresco.protocol=http
                "

    postgres:
        image: postgres:13.1
        mem_limit: 512m
        environment:
            - POSTGRES_PASSWORD=alfresco
            - POSTGRES_USER=alfresco
            - POSTGRES_DB=alfresco
        command: postgres -c max_connections=300 -c log_min_messages=LOG
        ports:
            - 5432:5432

    solr6:
        image: alfresco/alfresco-search-services:2.0.1
        mem_limit: 2g
        environment:
            #Solr needs to know how to register itself with Alfresco
            - SOLR_ALFRESCO_HOST=alfresco
            - SOLR_ALFRESCO_PORT=8080
            #Alfresco needs to know how to call solr
            - SOLR_SOLR_HOST=solr6
            - SOLR_SOLR_PORT=8983
            #Create the default alfresco and archive cores
            - SOLR_CREATE_ALFRESCO_DEFAULTS=alfresco,archive
            #HTTP by default
            - ALFRESCO_SECURE_COMMS=none
        ports:
            - 8083:8983 #Browser port

    activemq:
        image: alfresco/alfresco-activemq:5.16.1
        mem_limit: 1g
        ports:
            - 8161:8161 # Web Console
            - 5672:5672 # AMQP
            - 61616:61616 # OpenWire
            - 61613:61613 # STOMP

    proxy:
        image: alfresco/alfresco-acs-nginx:3.1.1
        mem_limit: 128m
        environment:
            DISABLE_PROMETHEUS: "true"
            DISABLE_SYNCSERVICE: "true"
            DISABLE_ADW: "true"
        depends_on:
            - alfresco
        ports:
            - 8080:8080
        links:
            - alfresco
            - share

after restart alfresco, it cannot startup i got the below exception:

alfresco_1            | org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'patch.updateAdminUserWhenDefault' defined in URL [jar:file:/usr/local/tomcat/webapps/alfresco/WEB-INF/lib/alfresco-repository-8.423.jar!/alfresco/patch/patch-services-context.xml]: Invocation of init method failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationComponent' defined in URL [jar:file:/usr/local/tomcat/webapps/alfresco/WEB-INF/lib/alfresco-repository-8.423.jar!/alfresco/subsystems/Authentication/identity-service/identity-service-authentication-context.xml]: Cannot resolve reference to bean 'authenticatorAuthzClient' while setting bean property 'authenticatorAuthzClient'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticatorAuthzClient': FactoryBean threw exception on object creation; nested exception is java.lang.RuntimeException: Could not obtain configuration from server [http://localhost:8888/auth/realms/master/.well-known/uma2-configuration].
alfresco_1            | 	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1788)
alfresco_1            | 	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:609)
alfresco_1            | 	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:531)
alfresco_1            | 	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
alfresco_1            | 	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
alfresco_1            | 	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
alfresco_1            | 	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
alfresco_1            | 	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:944)
alfresco_1            | 	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:923)
alfresco_1            | 	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:588)
alfresco_1            | 	at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:401)
alfresco_1            | 	at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:292)
alfresco_1            | 	at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:103)
alfresco_1            | 	at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:70)
alfresco_1            | 	at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4716)
alfresco_1            | 	at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5177)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:717)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
alfresco_1            | 	at java.base/java.security.AccessController.doPrivileged(Native Method)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:688)
alfresco_1            | 	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:706)
alfresco_1            | 	at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1133)
alfresco_1            | 	at org.apache.catalina.startup.HostConfig$DeployDirectory.run(HostConfig.java:1866)
alfresco_1            | 	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
alfresco_1            | 	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
alfresco_1            | 	at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
alfresco_1            | 	at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:118)
alfresco_1            | 	at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:1045)
alfresco_1            | 	at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:429)
alfresco_1            | 	at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1576)
alfresco_1            | 	at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:309)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:423)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:366)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:936)
alfresco_1            | 	at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:843)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1384)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1374)
alfresco_1            | 	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
alfresco_1            | 	at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
alfresco_1            | 	at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:140)
alfresco_1            | 	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:909)
alfresco_1            | 	at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:262)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
alfresco_1            | 	at org.apache.catalina.core.StandardService.startInternal(StandardService.java:434)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
alfresco_1            | 	at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
alfresco_1            | 	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
alfresco_1            | 	at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
alfresco_1            | 	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
alfresco_1            | 	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
alfresco_1            | 	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
alfresco_1            | 	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
alfresco_1            | 	at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:342)
alfresco_1            | 	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:473)

Is this a correct method to integrate with keycloak?

Labels
0 Kudos
Reply
1 Reply
cristinamr
Advanced
‎24 Sep 2021 8:08 AM

Re: Alfresco content comunity cannot started after keycloak integration

Hi!

This is your error:

Could not obtain configuration from server [http://localhost:8888/auth/realms/master/.well-known/uma2-configuration].

Check this post.

Cheers.

--
VenziaIT: helping companies since 2005! Our ECM products: AQuA & Seidoc
0 Kudos
Reply
Alfresco Content Services Forum

Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.

Related links:

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.