My keycloak integration with spring worked perfectly when keycloak is in docker-compose and project running locally ! but got error 401 when both worked on dokcer compose

IslemGharbi · March 5, 2024, 12:14pm

 crm: # Corrected capitalization for consistency
  image: "crm"
  build: ../CRM
  ports:
   - "8084:8084"
  environment:
   - EUREKA_CLIENT_SERVICEURL_DEFAULTZONE=http://discovery:8761/eureka/
   - spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://keycloak:8080/realms/projectManagement/protocol/openid-connect/certs
   - spring.security.oauth2.resourceserver.jwt.issuer-uri=http://keycloak:8080/realms/projectManagement
   - JWT_AUTH_CONVERTER_RESOURCE-ID=crm-service
   - spring.datasource.url=jdbc:mysql://crm-mysql-service:3306/crm
   - spring.datasource.password=root
   - JWT_AUTH_CONVERTER_PRINCIPLE-ATTRIBUTE=preferred_username
  depends_on:
   - discovery
   - gateway
   - keycloak
  networks:
   - app-network

 keycloak-mysql-service:
  image: mysql:latest
  environment:
   - spring.datasource.username=root
   - MYSQL_ROOT_PASSWORD=root
   - MYSQL_DATABASE=keycloak
  ports:
   - "3309:3306"
  networks:
   - app-network

 keycloak:
  image: quay.io/keycloak/keycloak:21.1.1
  hostname: keycloak
  ports:
   - "8080:8080"
  environment:
   DB_VENDOR: "mysql"
   DB_ADDR: "keycloak-mysql-service"  # Name of the mysql service
   DB_USER: "root"
   DB_PASSWORD: "root"  # Use the same password as in mysql config
   DB_DATABASE: "keycloak"
   KEYCLOAK_ADMIN: admin
   KEYCLOAK_ADMIN_PASSWORD: admin
  command:
   - "start-dev"
  networks:
   - app-network
````Preformatted text`

this is a sample of my docker compose `Preformatted text`

ThoreKr · March 6, 2024, 1:55pm

See my answer in Keycloak does not work with Spring Boot in docker compose - #2 by ThoreKr the environment variables used to configure keycloak are no longer valid.

Additionally, do you have any logs from keycloak or your app?

nass09 · May 2, 2024, 5:22pm

Hi, I have the exact same problem, if I run a keycloak in a container and my spring boot on localhost without docker it’s working but if I run both from my docker-compose file it’s not working, seems like the environment variable with the service name is changing the issuer uri : http://keycloak:8080/realms/realmName

Here is my error :

Bearer error=“invalid_token”, error_description=“An error occurred while attempting to decode the Jwt: The iss claim is not valid”, error_uri=“RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage”

I tried to set KC_HOSTNAME to localhost but nothing changed.

Any update on the solution I have to implement to resolve the issue ?

Topic		Replies	Views
Keycloak does not work with Spring Boot in docker compose	1	1537	March 6, 2024
Keycloak and spring app running on different docker containers Getting advice	0	146	September 1, 2024
Unable to resolve Configuration with the provided Issuer #5 authentication	5	2108	June 20, 2024
Issue with application in docker settings Securing applications authentication , oidc	2	537	August 19, 2024
Spring Boot - Keycloak running on Docker - 401 Authorized Issue	1	1506	March 5, 2024

My keycloak integration with spring worked perfectly when keycloak is in docker-compose and project running locally ! but got error 401 when both worked on dokcer compose

Related topics