I have inherited a keycloack implementation that is running on an airgapped server, and cannot be upgrade easily. After a recent restart and reload the keycloak implementation failed.
Keycloak is running as a docker container providing user authentication to an application frontend in a nginx server also in docker.
User login fails from the application frontend, and if I enter the keycloak admin console and try to impersonate a user. Checking the server.log file i can see:
..org.h2.jdbc.JdbcSQLException: Unique index or primary key violation:
"PRIMARY_KEY_62 ON PUBLIC.REALM(ID) VALUES ('nca-realm', 24)"; SQL statement:..
I am fairly sure this standalone installation is using H2 database.
Can anyone point me in the right direction to fix this issue?
Thanks for the response, my experience with keycloak is minimal, so apologies for the gaps.
The version of keycloak is rather old I believe. The docker container has the tag 18.2, and within the keycloak files there is a version,txt file that contains the entry:
Keycloak - Version 3.4.1.Final, WildFly Core 3.0.8.Final
I currently don’t have the option to upgrade (part of a commercial test system integrated with a specialist application stack)
I’m not sure what else to specify in terms of actions. When I load the application frontend I get an authentication screen supplied by keycloak, a spinning wheel for about 5 seconds, and then a login failed message. After this I went to the keycloak admin console to check the configuration and there I impersonated the test user which failed.
I would appreciate guidance on which logs to check. I found the server.log which is full of the error specified above. I haven’t found any additional logs yet.
Thanks for the additional information. I understand that you can’t upgrade, but it’s actually pretty hard to even get those old versions for those trying to help you debug.
By additional logs, I meant the whole server.log. Seeing a single line without context is hard to know what is going on.
The whole server log is rather long (200+ lines). What is the preferred way of providing this? Is it to paste the whole thing or to provide a link to the file somewhere?
This has the first 200 or so lines up until the first occurance of the error. The rest of the file is the same error repeated.
At this point I am looking for guidance on how to go about troubleshooting this. My googling suggests that there are multiple issues that could potetnially cause this error. I’m lost as where to start to narrow down the issue.
It looks like you have your keycloak set up to import a realm from a file on startup. That’s causing a PK constraint error because it is trying to import a realm that is already there.
I have little memory of how it used to be, but look at your startup command, startup-scripts dir, and standalone.xml config files for hints. If you just clear the config, this problem will happen again.
Thanks for the hints. I am slowly documenting the startup process, and recording all the various scripts involved. It looks like a 3 way relationship between nginx, a web app and keycloak.