gpt4 book ai didi

spring-boot - 从后端容器连接到 keycloak 容器时连接被拒绝

转载 作者:行者123 更新时间:2023-12-05 09:07:25 31 4
gpt4 key购买 nike

我有两个容器后端(spring boot 应用程序)和 Keycloak。如果我在容器中运行 keycloak 并在本地运行后端:它可以工作

如果它们都在容器中运行,则后端不会启动并显示以下错误:

Failed to instantiate [org.springframework.security.oauth2.jwt.JwtDecoder]: Factory method 'jwtDecoderByIssuerUri' threw exception; nested exception is java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer of "http://keycloak:8082/auth/realms/myrealm"

Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://keycloak:8082/auth/realms/myrealm/.well-known/openid-configuration": Connection refused (Connection refused);

以下是我的配置:

docker 组成:

services:

keycloak:
image: jboss/keycloak:8.0.1
command:
- " -b 0.0.0.0"
container_name: "keycloak"
networks:
- myproject
volumes:
- "./keycloak/realm-export.json:/opt/jboss/keycloak/bin/keycloak_export_dir/realm-export.json"
environment:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: admin
KEYCLOAK_IMPORT: /opt/jboss/keycloak/bin/keycloak_export_dir/realm-export.json
ports:
- "8082:8080"

backend:
build:
context: ./backend
dockerfile: Dockerfile
container_name: "backend"
environment:
- spring.oauth2.resourceserver.jwt.issuer-uri= http://keycloak:8082/auth/realms/myrealm
links:
- keycloak
networks:
- myproject
restart: on-failure
ports:
- "8080:8080"

networks:
myproject:
driver: bridge

应用程序.yml:

  application:
name: backend
security:
oauth2:
resourceserver:
jwt:
issuer-uri: http://localhost:8082/auth/realms/myrealm

你知道为什么我会拒绝连接吗?任何帮助表示赞赏:)

最佳答案

您的 Keycloak 容器使用以下端口配置

ports:
- "8082:8080"

这意味着:

Keycloak 可通过端口 8082 从外部访问。

但在内部(在这个 docker 网络中),keycloak 只能通过暴露的 8080 端口访问。所以你的后端应用程序需要(内部)连接到 http://keycloak:8080

关于spring-boot - 从后端容器连接到 keycloak 容器时连接被拒绝,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/64822632/

31 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com