Can Connec to KeyCloak but not Studio

[sqlcode]

TL:DR I can connect to KeyCloak and access Admin console. Per documentation, I have made changes in the Admin console to route to api studio but i am not able to access studio.

Here are the details.

1. I am trying to install keycloak and apicurio on a (single) remote linux machine (RHEL).

2. I have gone through documentation and installed keycloak successfully on a remote machine.

3. I was able to create initial admin and make recommended changes from the documentation.

4. i have changed xml file in the api curio and started api curio per documentation.

5. I can also access api curio studio url (http://localhost:8180/studio) when i am directly connected to linux machine.

6. I can connect to Keycloak admin panel from remote machine (from my macbook) by going to http://machineName:8080/auth This is working fine.

7. However, when i try to connect to studio url (http://machineName:8180/studio) from my macbook, I am getting connection refused error.

I understand that because i am able to access studio url locally from linux machine, issue is not with apicurio or keycloak but i plan to use this among my small team and unless i can access this remotely, it doesn't work.

Since I can access keycloak admin panel from my macbook, i tried to debug this a bit and i found that admin panel by default goes to 0 0.0.0.0:8080 but apicurio goes to 127.0.0.1:8180

[root@machineName ~]# netstat -tnlp | grep :8080
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 6810/java
[root@machineName ~]# netstat -tnlp | grep :8180
tcp 0 0 127.0.0.1:8180 0.0.0.0:* LISTEN 42082/java

Question is, is this normal configuration? If yes, what could be the issue?

[EricWittmann]

I am assuming you are using the Apicurio QuickStart which is based on WildFly. If so you will need to start it up like this: ./bin/standalone.sh -c standalone-apicurio.xml -b 0.0.0.0

[sqlcode]

I restarted my server and now my admin (keycloak) stopped working so I started that using ./bin/standalone.sh -b 0.0.0.0 and it started working.

I then tried to start apicurio using ./bin/standalone.sh -c standalone-apicurio.xml -b 0.0.0.0 but got below errors. I ran netstat to see which process is listening on 8180 but there is nothing.

MSC000001: Failed to start service org.wildfly.management.http.extensible: org.jboss.msc.service.StartException in service org.wildfly.management.http.extensible: java.net.BindException: Address already in use /127.0.0.1:9990

MSC000001: Failed to start service org.wildfly.management.http.extensible: org.jboss.msc.service.StartException in service org.wildfly.management.http.extensible: java.net.BindException: Address already in use /127.0.0.1:8443

[sqlcode]

I am sorry forgot to copy error message at 8080

Failed to start service org.wildfly.undertow.listener.default: org.jboss.msc.service.StartException in service org.wildfly.undertow.listener.default: Address already in use /0.0.0.0:8080

[sqlcode]

it looks like, when i start keycloak, it is starting a process that listens on 8443, 9990 and 8080. Now i am just unable to start apicurio. I tried both ways with and without port binding , ./bin/standalone.sh -c standalone-apicurio.xml -b 0.0.0.0 --> doesn't work

./bin/standalone.sh -c standalone-apicurio.xml --> doesn't work anymore

[EricWittmann]

You probably need to set the port offset for Apicurio. This explains it: http://www.mastertheboss.com/jboss-server/jboss-configuration/configuring-port-offset-on-jboss-as-wildfly Otherwise the key cloak and Apicurio apps will try to bind the same ports.

[sqlcode]

### First of all, Thanks a lot for your timely response. I truly appreciate that.

I did set the port offset. I am running apicurio using below command.

./bin/standalone.sh -c standalone-apicurio.xml -Djboss.socket.binding.port-offset=100

1. I started Keycloak using ./bin/standalone.sh -b 0.0.0.0

14:41:43,640 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
14:41:43,640 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990
14:41:43,640 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Keycloak 4.1.0.Final (WildFly Core 3.0.8.Final) started in 8803ms - Started 545 of 881 services (604 services are lazy, passive or on-demand)

2. I am able to access keycloak at http://machineName:8080/auth

3. I was able to add realm of apicurio and was able to configure clients with
   3.1) Root URL of http://localhost:8180
   3.2) Valid Redirect URIs to http://0.0.0.0:8180/*
   3.3) Base URL of http://0.0.0.0:8180

4. I started apicurio using ./bin/standalone.sh -c standalone-apicurio.xml -Djboss.socket.binding.port-offset=100 -b 0.0.0.0

This way, I do get the service up and running but here are the last few messages i get.

14:43:52,799 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:10090/management
14:43:52,799 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:10090
14:43:52,799 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: WildFly Full 14.0.1.Final (WildFly Core 6.0.2.Final) started in 8891ms - Started 683 of 868 services (337 services are lazy, passive or on-demand)

3. Now that i have both keycloak and apicurio up and running, i am trying to access apicurio using url below.

machineName:8180/studio

I get redirected to below url

http://localhost:8080/auth/realms/apicurio/protocol/openid-connect/auth?response_type=code&client_id=apicurio-studio&redirect_uri=http%3A%2F%2FmachineName%3A8180%2Fstudio%2F&state=50bc1e06-b4c0-4b81-a7bd-afe879450ba1&login=true&scope=openid

On this page, i am getting error message saying :-
**This site can’t be reached
localhost refused to connect.

ERR_CONNECTION_REFUSED**

4. So now i ssh into machineName and i issued wget wget http://localhost:8180/studio
   I am getting below

--2019-09-29 14:53:02-- http://localhost:8180/studio
Resolving localhost (localhost)... 127.0.0.1, ::1
Connecting to localhost (localhost)|127.0.0.1|:8180... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://localhost:8180/studio/ [following]
--2019-09-29 14:53:02-- http://localhost:8180/studio/
Reusing existing connection to localhost:8180.
HTTP request sent, awaiting response... 302 Found
Location: http://localhost:8080/auth/realms/apicurio/protocol/openid-connect/auth?response_type=code&client_id=apicurio-studio&redirect_uri=http%3A%2F%2Flocalhost%3A8180%2Fstudio%2F&state=4203a01b-9a3e-423e-bf49-38210075f997&login=true&scope=openid [following]
--2019-09-29 14:53:02-- http://localhost:8080/auth/realms/apicurio/protocol/openid-connect/auth?response_type=code&client_id=apicurio-studio&redirect_uri=http%3A%2F%2Flocalhost%3A8180%2Fstudio%2F&state=4203a01b-9a3e-423e-bf49-38210075f997&login=true&scope=openid
Connecting to localhost (localhost)|127.0.0.1|:8080... connected.
HTTP request sent, awaiting response... 400 Bad Request
2019-09-29 14:53:02 ERROR 400: Bad Request.

5. Below is the result of telnet greps at ports 8080/8180/9990 and 8443 respectively.

tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 12935/java
tcp 0 0 0.0.0.0:8180 0.0.0.0:* LISTEN 13345/java
tcp 0 0 127.0.0.1:9990 0.0.0.0:* LISTEN 12935/java
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 12935/java

[sqlcode]

I think I found the issue. Duhhhh in step#3, i am using localhost but should have used machineName

Thanks a lot for your help. I am not able to use Apicurio Studio.

[EricWittmann]

I think I found the issue. Duhhhh in step#3, i am using localhost but should have used machineName

Thanks a lot for your help. I am not able to use Apicurio Studio.

I hope this was a typo and you meant now instead of "not". :) :)