Keycloak does not work with Spring Boot in docker compose

Hi everyone!

I am trying to dockerize an application in Spring and Keycloak with a Postgres database. This is my docker-compose.yml:


version: '3.3'

services:
  score_spring_boot:
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - "8080:8080"

    depends_on:
      - score_keycloak

    networks:
      - my-network

  score_keycloak:
    image: quay.io/keycloak/keycloak:22.0.3
    container_name: score_keycloak
    ports:
      - "9090:8080"
    environment:
      DB_VENDOR: POSTGRES
      DB_ADDR: score_postgres
      DB_PORT: 5432
      DB_DATABASE: keycloak
      DB_USER: keycloak
      DB_PASSWORD: admin
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
    depends_on:
      - score_postgres
    command:
      - "start-dev"
    networks:
      - my-network

  score_postgres:
    image: postgres:latest
    container_name: score_postgres
    ports:
      - "5432:5432"
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: admin
    volumes:
      - pg_data:/var/lib/postgresql/data
    networks:
      - my-network

  pgadmin:
    container_name: pgadmin4_container
    image: dpage/pgadmin4:latest
    environment:
      PGADMIN_DEFAULT_EMAIL: admin@admin.com
      PGADMIN_DEFAULT_PASSWORD: admin
      PGADMIN_LISTEN_PORT: 80
    ports:
      - "5050:80"
    networks:
      - my-network

volumes:
  pg_data:

networks:
  my-network:
    driver: bridge

The problem occurs when I run docker-compose and try to access a secured endpoint. I get this:

score_spring_boot-1  | org.springframework.security.authentication.AuthenticationServiceException: An error occurred while attempting to decode the Jwt: Couldn't retrieve remote JWK set: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://localhost:9090/auth/realms/score/protocol/openid-connect/certs": Connection refused

Do I have to change the server name to the container name in the client administration panel?

Your help would be very valuable! :hugs:

Surprisingly similar to "My keycloak integration with spring worked perfectly when keycloak is in docker-compose and project running locally ! but got error 401 when both worked on dokcer compose". Are you using some kind of shared source which contains the same incorrect information?

Your compose file can’t work. Does keycloak even start? The environment variables still refer to the wildfly distribution, which is deprecated since version 18. You have to use the new environment variables to configure the database connection.

Next, keycloak doesn’t use the auth subpath any more.

Lastly, if you have separate containers, one container can’t reach the other one via localhost; try using keycloak:8080 to connect to keycloak.

However, you might encounter connection issues if your browser gets involved.
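
The three points from the reply above, applied to the two affected services of the posted compose file. This is an added example, not part of the thread. It assumes the app is a Spring Security resource server configured through `spring.security.oauth2.resourceserver.jwt.*`, renames the Keycloak service to `keycloak` so the reply's `keycloak:8080` resolves, and leaves `score_postgres`, `pgadmin`, `volumes` and `networks` as posted.

```yaml
# Added example: fragment replacing the first two services of the posted file.
services:
  score_spring_boot:
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - "8080:8080"
    environment:
      # Assumption: the app reads these resource-server properties from the environment.
      # Signing keys are fetched over the compose network: service name plus the
      # container port (8080), not the host-published 9090, and no /auth prefix.
      SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWKSETURI: http://keycloak:8080/realms/score/protocol/openid-connect/certs
      # Assumption: tokens are requested through the published port, so their iss
      # claim carries the localhost URL. Leaving issuer-uri set keeps issuer
      # validation on; with only jwk-set-uri, the iss claim is not checked.
      SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUERURI: http://localhost:9090/realms/score
    depends_on:
      - keycloak
    networks:
      - my-network

  keycloak:  # renamed from score_keycloak (assumption, to match keycloak:8080)
    image: quay.io/keycloak/keycloak:22.0.3
    ports:
      - "9090:8080"
    environment:
      # Settings of the current (Quarkus) distribution, replacing the WildFly-era
      # DB_VENDOR / DB_ADDR / DB_PORT / DB_DATABASE / DB_USER / DB_PASSWORD.
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://score_postgres:5432/keycloak
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: admin          # value from the post
      KEYCLOAK_ADMIN: admin          # value from the post
      KEYCLOAK_ADMIN_PASSWORD: admin # value from the post
    command:
      - "start-dev"
    depends_on:
      - score_postgres
    networks:
      - my-network
```

If the token's `iss` does not match the configured issuer URI, the resource server rejects it with a 401, so the issuer value has to be the URL the token was actually requested through.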