Keycloak Admin Client throws error in server logs - keycloak

am using keycloak admin client with my custom SPI.
I am getting this error when am trying to to create keycloak builder.
previously i tried this solution also but this didnt worked for me.
keycloak version 20.0.2 quarkus dist
this is the code I am using for builder
KeycloakBuilder.builder()
.serverUrl("http://localhost:8080/")
.realm("xxxxx")
.username("xxxx")
.password("xxxxx")
.clientId("admin-cli")
.resteasyClient(
new ResteasyClientBuilder()
.connectionPoolSize(10).build()
).build();
here's the error log
2023-01-26 13:11:33,684 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-4) Uncaught server error: java.lang.InstantiationError: org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder
at com.nafath.keycloak.NafathTokenAuthenticator.getKeycloakInstance(NafathTokenAuthenticator.java:178)
at com.nafath.keycloak.NafathTokenAuthenticator.saveNewUser(NafathTokenAuthenticator.java:127)
at com.nafath.keycloak.NafathTokenAuthenticator.authenticate(NafathTokenAuthenticator.java:116)
at org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:446)
at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:250)
at org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:1017)
at org.keycloak.authentication.AuthenticationProcessor.authenticate(AuthenticationProcessor.java:879)
at org.keycloak.protocol.AuthorizationEndpointBase.handleBrowserAuthenticationRequest(AuthorizationEndpointBase.java:151)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildAuthorizationCodeAuthorizationResponse(AuthorizationEndpoint.java:338)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.process(AuthorizationEndpoint.java:194)
at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildGet(AuthorizationEndpoint.java:112)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:577)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:152)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:183)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:84)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:71)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:430)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:408)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140)
at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82)
at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:564)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:833)
I tried it with resteasy version 4

Related

Spring Integration Email using IMAP Office 365

We are planning to use Spring Integration Mail Support with Office365 using IMAP however, it is not working as intended and we are getting authentication failed errors:
2022-12-19 08:45:12.257 ERROR --- [ scheduling-1] o.s.i.h.LoggingHandler : org.springframework.messaging.MessagingException: failure occurred while polling for mail; nested exception is javax.mail.AuthenticationFailedException: AUTHENTICATE failed.
at org.springframework.integration.mail.MailReceivingMessageSource.doReceive(MailReceivingMessageSource.java:74)
at org.springframework.integration.endpoint.AbstractMessageSource.receive(AbstractMessageSource.java:142)
at org.springframework.integration.endpoint.SourcePollingChannelAdapter.receiveMessage(SourcePollingChannelAdapter.java:212)
at org.springframework.integration.endpoint.AbstractPollingEndpoint.doPoll(AbstractPollingEndpoint.java:444)
at org.springframework.integration.endpoint.AbstractPollingEndpoint.pollForMessage(AbstractPollingEndpoint.java:413)
at org.springframework.integration.endpoint.AbstractPollingEndpoint.lambda$createPoller$4(AbstractPollingEndpoint.java:348)
at org.springframework.integration.util.ErrorHandlingTaskExecutor.lambda$execute$0(ErrorHandlingTaskExecutor.java:57)
at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:50)
at org.springframework.integration.util.ErrorHandlingTaskExecutor.execute(ErrorHandlingTaskExecutor.java:55)
at org.springframework.integration.endpoint.AbstractPollingEndpoint.lambda$createPoller$5(AbstractPollingEndpoint.java:341)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
at java.base/java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:264)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: javax.mail.AuthenticationFailedException: AUTHENTICATE failed.
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:708)
Note: It is working fine using GMAIL via App password but for Office365 its not. Here is the sample bean we have:
#Bean
public IntegrationFlow iMapIntegrationFlow(
// Remove for brevity
) {
log.info("[Email Integration] Creating Spring Integration Flow Bean");
var pollerSpec = Pollers
.fixedRate(5000)
.maxMessagesPerPoll(1);
return IntegrationFlows
.from(Mail.imapInboundAdapter("imap://username%40domain:PASSWORD#outlook.office365.com:993/INBOX")
.javaMailProperties(myJavaMailProperties)
.simpleContent(true)
.maxFetchSize(1),
e -> e.poller(pollerSpec))
.transform(myTransformer)
.handle(myHandler)
.get();
}
Below are my Java Mail properties:
mail.imap.port=993
mail.imaps.ssl.enable=true
mail.debug=true
Any help for the following questions are highly appreciated:
Is there something missing/incorrect in our config?
Is this basic authentication deprecation by MS causing the issue? https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online
If item#2 is true then is there a documented way in Spring Integration Mail to support OAuth2?

Scala play framework - convert Rest API to HTTPS using .JKS file using organizational CA

Currently I am running scala play application, now it's HTTP APIs are working fine in my Angular UI application locally. But in our organization for higher environment we need to convert it to SSL HTTPS API.
We use our own organizational root CA and I got the myCA_trust.jks certificate file with me.
I added following properties in application.conf file,
play.server.https.keyStore.path="./myCA_trust.jks"
play.server.https.keyStore.password="change_me"
And for deploying the code I am creating the dist, and using following command to deploy it on linux server
./scala-rest-api -Dplay.http.secret.key="application_secreate_key" -Dhttps.port=8094 -Dplay.server.https.keyStore.path=./myCA_trust.jks -Dplay.server.https.keyStore.password=change_me
After doing this I can hit to the HTTPS URL using server address, but getting errors in server console like,
[error] a.a.OneForOneStrategy - ./myCA_trust.jks
akka.actor.ActorInitializationException: akka://application/system/StreamSupervisor-0/flow-2-1: exception during creation
at akka.actor.ActorInitializationException$.apply(Actor.scala:202)
at akka.actor.ActorCell.create(ActorCell.scala:698)
at akka.actor.ActorCell.invokeAll$1(ActorCell.scala:549)
at akka.actor.ActorCell.systemInvoke(ActorCell.scala:571)
at akka.dispatch.Mailbox.processAllSystemMessages(Mailbox.scala:293)
at akka.dispatch.Mailbox.run(Mailbox.scala:228)
at akka.dispatch.Mailbox.exec(Mailbox.scala:241)
at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
Caused by: java.lang.reflect.InvocationTargetException: null
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at play.core.server.ssl.ServerSSLEngine$.createScalaSSLEngineProvider(ServerSSLEngine.scala:116)
at play.core.server.ssl.ServerSSLEngine$.createSSLEngineProvider(ServerSSLEngine.scala:39)
at play.core.server.AkkaHttpServer$$anon$4$$anon$5.sslEngineProvider$lzycompute(AkkaHttpServer.scala:527)
at play.core.server.AkkaHttpServer$$anon$4$$anon$5.sslEngineProvider(AkkaHttpServer.scala:526)
at play.core.server.AkkaHttpServer$$anon$4$$anon$5.engineCreateSSLEngine(AkkaHttpServer.scala:528)
at javax.net.ssl.SSLContext.createSSLEngine(SSLContext.java:329)
Caused by: java.nio.file.NoSuchFileException: ./myCA_trust.jks
Please help me to configure HTTPS rest API URL, do let me know if there is anything else I need to add in the code and where.
Thanks and in advance.

Kubernetes Cloud Logging Authentication Issue

I have been trying to switch my application to use Google Cloud logging (aka Stackdriver). I have built a custom Logback appender which uses the Google Java Cloud Logging Library.
When I run my application in the IDE it logs correctly to Google Cloud Logging. When I run it inside a Kubernetes container on GKE, I get an Authentication Error. However in both scenarios I am use the same GCP Service Account.
I have even gone to the length of outputting the Key from the Google credentials object to prove they are the same in each environment. Which they are.
Does anyone have any ideas of what I might be missing? Is there any sort of context related settings that might cause authentication to fail from inside the container? Anyone got any ideas about what to try next?
Update: Here is the stack trace:
java.lang.RuntimeException: java.util.concurrent.ExecutionException: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at java.lang.RuntimeException: java.util.concurrent.ExecutionException: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.cloud.logging.LoggingImpl.flush(LoggingImpl.java:579) at at com.google.cloud.logging.LoggingImpl.write(LoggingImpl.java:560) at at uk.co.processflows.platform.util.StackdriverAppender.append(StackdriverAppender.kt:135) at at uk.co.processflows.platform.util.StackdriverAppender.append(StackdriverAppender.kt:18) at at ch.qos.logback.core.UnsynchronizedAppenderBase.doAppend(UnsynchronizedAppenderBase.java:84) at at ch.qos.logback.core.spi.AppenderAttachableImpl.appendLoopOnAppenders(AppenderAttachableImpl.java:51) at at ch.qos.logback.classic.Logger.appendLoopOnAppenders(Logger.java:270) at at ch.qos.logback.classic.Logger.callAppenders(Logger.java:257) at at ch.qos.logback.classic.Logger.buildLoggingEventAndAppend(Logger.java:421) at at ch.qos.logback.classic.Logger.filterAndLog_0_Or3Plus(Logger.java:383) at at ch.qos.logback.classic.Logger.error(Logger.java:538) at at uk.co.processflows.platform.pushnotification.PushNotificationClient.forward(PushNotificationClient.kt:58) at at uk.co.processflows.platform.push.PushMessagingConnectionHandlerImpl.broadcast(PushMessagingConnectionHandlerImpl.kt:257) at at uk.co.processflows.platform.push.PushMessagingConnectionHandlerImpl.broadcastMessageToTenant(PushMessagingConnectionHandlerImpl.kt:153) at at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at at java.base/java.lang.reflect.Method.invoke(Method.java:567) at at com.google.inject.internal.DelegatingInvocationHandler.invoke(DelegatingInvocationHandler.java:50) at at com.sun.proxy.$Proxy69.broadcastMessageToTenant(Unknown Source) at at uk.co.processflows.platform.workflow.TaskLockControllerImpl$lockTask$2.run(TaskLockControllerImpl.kt:94) at at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) at at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at at java.base/java.lang.Thread.run(Thread.java:835) Caused by: java.util.concurrent.ExecutionException: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.common.util.concurrent.AbstractFuture.getDoneValue(AbstractFuture.java:552) at at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:431) at at com.google.common.util.concurrent.AbstractFuture$TrustedFuture.get(AbstractFuture.java:97) at at com.google.common.util.concurrent.ForwardingFuture.get(ForwardingFuture.java:68) at at com.google.cloud.logging.LoggingImpl.flush(LoggingImpl.java:577) at ... 25 common frames omitted Caused by: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.cloud.logging.spi.v2.GrpcLoggingRpc$2.apply(GrpcLoggingRpc.java:190) at at com.google.cloud.logging.spi.v2.GrpcLoggingRpc$2.apply(GrpcLoggingRpc.java:184) at at com.google.api.core.ApiFutures$GaxFunctionToGuavaFunction.apply(ApiFutures.java:204) at at com.google.common.util.concurrent.AbstractCatchingFuture$CatchingFuture.doFallback(AbstractCatchingFuture.java:206) at at com.google.common.util.concurrent.AbstractCatchingFuture$CatchingFuture.doFallback(AbstractCatchingFuture.java:194) at at com.google.common.util.concurrent.AbstractCatchingFuture.run(AbstractCatchingFuture.java:107) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at com.google.api.core.AbstractApiFuture$InternalSettableFuture.setException(AbstractApiFuture.java:95) at at com.google.api.core.AbstractApiFuture.setException(AbstractApiFuture.java:77) at at com.google.api.gax.rpc.BatchedFuture.setException(BatchedFuture.java:55) at at com.google.api.gax.rpc.BatchedRequestIssuer.sendResult(BatchedRequestIssuer.java:84) at at com.google.api.gax.rpc.BatchExecutor$1.onFailure(BatchExecutor.java:98) at at com.google.api.core.ApiFutures$1.onFailure(ApiFutures.java:68) at at com.google.common.util.concurrent.Futures$CallbackListener.run(Futures.java:1056) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at com.google.api.gax.retrying.BasicRetryingFuture.handleAttempt(BasicRetryingFuture.java:179) at at com.google.api.gax.retrying.CallbackChainRetryingFuture$AttemptCompletionListener.handle(CallbackChainRetryingFuture.java:135) at at com.google.api.gax.retrying.CallbackChainRetryingFuture$AttemptCompletionListener.run(CallbackChainRetryingFuture.java:117) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at com.google.api.core.AbstractApiFuture$InternalSettableFuture.setException(AbstractApiFuture.java:95) at at com.google.api.core.AbstractApiFuture.setException(AbstractApiFuture.java:77) at at com.google.api.gax.grpc.GrpcExceptionCallable$ExceptionTransformingFuture.onFailure(GrpcExceptionCallable.java:97) at at com.google.api.core.ApiFutures$1.onFailure(ApiFutures.java:68) at at com.google.common.util.concurrent.Futures$CallbackListener.run(Futures.java:1056) at at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30) at at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:1138) at at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:958) at at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:748) at at io.grpc.stub.ClientCalls$GrpcFuture.setException(ClientCalls.java:515) at at io.grpc.stub.ClientCalls$UnaryStreamToFuture.onClose(ClientCalls.java:490) at at io.grpc.PartialForwardingClientCallListener.onClose(PartialForwardingClientCallListener.java:39) at at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:23) at at io.grpc.ForwardingClientCallListener$SimpleForwardingClientCallListener.onClose(ForwardingClientCallListener.java:40) at at io.grpc.internal.CensusStatsModule$StatsClientInterceptor$1$1.onClose(CensusStatsModule.java:699) at at io.grpc.PartialForwardingClientCallListener.onClose(PartialForwardingClientCallListener.java:39) at at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:23) at at io.grpc.ForwardingClientCallListener$SimpleForwardingClientCallListener.onClose(ForwardingClientCallListener.java:40) at at io.grpc.internal.CensusTracingModule$TracingClientInterceptor$1$1.onClose(CensusTracingModule.java:397) at at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:459) at at io.grpc.internal.ClientCallImpl.access$300(ClientCallImpl.java:63) at at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.close(ClientCallImpl.java:546) at at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.access$600(ClientCallImpl.java:467) at at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:584) at at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37) at at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:123) at at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) at at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) at ... 3 common frames omitted Caused by: com.google.api.gax.rpc.UnauthenticatedException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at com.google.api.gax.rpc.ApiExceptionFactory.createException(ApiExceptionFactory.java:73) at at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:72) at at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:60) at ... 30 common frames omitted Caused by: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials should use fail() instead of throwing exceptions at at io.grpc.Status.asRuntimeException(Status.java:532) at ... 22 common frames omitted Caused by: java.lang.NoSuchMethodError: io.grpc.MethodDescriptor.getServiceName()Ljava/lang/String; at at io.grpc.auth.GoogleAuthLibraryCallCredentials.serviceUri(GoogleAuthLibraryCallCredentials.java:162) at at io.grpc.auth.GoogleAuthLibraryCallCredentials.applyRequestMetadata(GoogleAuthLibraryCallCredentials.java:103) at at io.grpc.CallCredentials2.applyRequestMetadata(CallCredentials2.java:58) at at io.grpc.internal.CallCredentialsApplyingTransportFactory$CallCredentialsApplyingTransport.newStream(CallCredentialsApplyingTransportFactory.java:107) at at io.grpc.internal.ForwardingConnectionClientTransport.newStream(ForwardingConnectionClientTransport.java:49) at at io.grpc.internal.InternalSubchannel$CallTracingTransport.newStream(InternalSubchannel.java:690) at at io.grpc.internal.ClientCallImpl.start(ClientCallImpl.java:245) at at io.grpc.internal.CensusTracingModule$TracingClientInterceptor$1.start(CensusTracingModule.java:392) at at io.grpc.internal.CensusStatsModule$StatsClientInterceptor$1.start(CensusStatsModule.java:694) at at io.grpc.ForwardingClientCall.start(ForwardingClientCall.java:32) at at com.google.api.gax.grpc.GrpcHeaderInterceptor$1.start(GrpcHeaderInterceptor.java:94) at at io.grpc.stub.ClientCalls.startCall(ClientCalls.java:310) at at io.grpc.stub.ClientCalls.asyncUnaryRequestCall(ClientCalls.java:282) at at io.grpc.stub.ClientCalls.futureUnaryCall(ClientCalls.java:191) at at com.google.api.gax.grpc.GrpcDirectCallable.futureCall(GrpcDirectCallable.java:58) at at com.google.api.gax.grpc.GrpcExceptionCallable.futureCall(GrpcExceptionCallable.java:64) at at com.google.api.gax.rpc.AttemptCallable.call(AttemptCallable.java:86) at at com.google.api.gax.rpc.RetryingCallable.futureCall(RetryingCallable.java:63) at at com.google.api.gax.rpc.RetryingCallable.futureCall(RetryingCallable.java:41) at at com.google.api.gax.tracing.TracedBatchingCallable.futureCall(TracedBatchingCallable.java:82) at at com.google.api.gax.rpc.UnaryCallable$1.futureCall(UnaryCallable.java:126) at at com.google.api.gax.rpc.UnaryCallable.futureCall(UnaryCallable.java:87) at at com.google.api.gax.rpc.BatchExecutor.processBatch(BatchExecutor.java:82) at at com.google.api.gax.rpc.BatchExecutor.processBatch(BatchExecutor.java:53) at at com.google.api.gax.batching.ThresholdBatcher.pushCurrentBatch(ThresholdBatcher.java:233) at at com.google.api.gax.batching.ThresholdBatcher$1.run(ThresholdBatcher.java:76) at ... 6 common frames omitted
Update 2:
I have just spotted deep inside the caused by hiarchy of the stack trace there is this message.
Caused by: java.lang.NoSuchMethodError: io.grpc.MethodDescriptor.getServiceName()Ljava/lang/String; at at io.grpc.auth.GoogleAuthLibraryCallCredentials.serviceUri(GoogleAuthLibraryCallCredentials.java:162)
That doesn't sound much like an authentication problem.
Update I did not see the stack trace when I originally answered this question, and it leads me to be believe your issue is not with authentication at all. My answer may be relevant to those seeing an authentication issue with GCP APIs in GKE, so I'll leave the original here.
Original If you're getting an authentication error, it's likely you're not using the service account key correctly. You can read this tutorial to learn about how it should be done. In short, you need to export the service account key as a JSON file and mount it as a secret.
Given your issue with using the library, you might want to write your logs directly. This doc on creating structured logs might be helpful.
It turns out there was a dependancy compatibility issue with the GRPC jars. Our application uses GRPC as does apparently the Google Could Logging library. Changing our app to use the older version of GRPC that the Google cloud logging library was built against fixed the issue.
It appears when running in the container the jar files are loaded in a different order than running locally. Hence why this only happened inside Kubernetes.

Openam - Unable to get Application SSO Token

I am trying to bring up my tomcat server on which OpenAM is installed but the server fails on startup because the Policy Agent installed on the same server is trying to access a naming service on the same server.
I am just in the middle of a proof of concept and I am following the instructions given by ForgeRock documentation but I am unable to get this setup working.
Is there a way to run the OpenAM+Policy Agent on the same server? Any help in this would be really really appreciated! Thanks!
com.sun.identity.authentication.spi.AuthLoginException: Failed to create new Authentication Context: Naming Service is not available
SEVERE: Begin event threw error java.lang.ExceptionInInitializerError
at com.sun.identity.agents.arch.Manager.<clinit>(Manager.java:675)
at com.sun.identity.agents.tomcat.v6.AmTomcatRealm.<clinit>(AmTomcatRealm.java:67)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at java.lang.Class.newInstance(Class.java:379)
at org.apache.tomcat.util.digester.ObjectCreateRule.begin(ObjectCreateRule.java:145)
at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1288)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:509)
at com.sun.org.apache.xerces.internal.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:182)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1343)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2786)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:606)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:848)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:777)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1213)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:648)
at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1561)
at org.apache.catalina.startup.Catalina.load(Catalina.java:615)
at org.apache.catalina.startup.Catalina.load(Catalina.java:663)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:280)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:454) Caused by: java.lang.RuntimeException: Failed to load configuration: ApplicationSSOTokenProvider.getApplicationSSOToken(): Unable to get Application SSO Token
at com.sun.identity.agents.arch.AgentConfiguration.bootStrapClientConfiguration(AgentConfiguration.java:790)
at com.sun.identity.agents.arch.AgentConfiguration.initializeConfiguration(AgentConfiguration.java:1140)
at com.sun.identity.agents.arch.AgentConfiguration.<clinit>(AgentConfiguration.java:1579)
... 29 more
I think this part of the documentation is quite relevant:
Do not install the Java EE policy agent in the same container as OpenAM. OpenAM must be up and running before the Java EE policy agent starts. This cannot be guaranteed when both run in the same container. ForgeRock does not support configurations where OpenAM and the Java EE policy agent are installed in the same container.

problems when deploying WebDSL app to Tomcat v6.0

I get the following error while deploying my webDSL app to Tomcat v6.0 using the WebDSl eclipse plugin
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: Servlet.init() for servlet mainservlet threw exception
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
java.lang.Thread.run(Unknown Source)
root cause
org.hibernate.TransactionException: Transaction not successfully started
org.hibernate.transaction.JDBCTransaction.rollback(JDBCTransaction.java:179)
utils.DispatchServlet.tryLoadGlobalsAndPerformInit(DispatchServlet.java:31)
utils.DispatchServlet.init(DispatchServlet.java:39)
javax.servlet.GenericServlet.init(GenericServlet.java:212)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
java.lang.Thread.run(Unknown Source)
It stopped working last evening.
I tried rebooting that didn't work :(
The 'Transaction not successfully started' error indicates an issue with the database connection. Try logging into MySQL with the command-line client to verify that MySQL is running and the credentials are correct. After logging in, check that the database exists.
For further help you can also visit IRC (#webdsl channel on irc.freenode.net), ask on the mailing list (https://mailman.st.ewi.tudelft.nl/listinfo/webdsl), or post issues at http://yellowgrass.org/project/WebDSL.