Open Ccampos93 opened 5 years ago
Could you fix it? I'm having a very similar problem here...
I ended up using [JWT plugin] (https://docs.konghq.com/hub/kong-inc/jwt/)
Thanks! I almost gave up, but in the meantime I got it working. I added this container to my docker compose: https://github.com/qoomon/docker-host It helps to access the docker host, just check out its readme to see how. I also had to add an entry to /etc/hosts so that my host machine can resolve the name "dockerhost". It's a bit clumsy, but works. Just ask me for further elaboration.
@pjotre86 i am getting a similar kind of issue. My keycloak and Kong both are deployed in pods in kubernetes cluster. Somehow kong is not able to resolve the discovery url. i am getting below error. I'll be grateful to you if you help me in resolving this issue.
my keycloak is accessible at http://keycloak.com:8081 on my machine
accessing discovery url (http://keycloak.sample.com:8081/auth/realms/master/.well-known/openid-configuration) failed: [cosocket] DNS resolution failed: dns server error: 3 name error. Tried: ["(short)keycloak.sample.com:(na) - cache-miss","keycloak.sample.com.default.svc.cluster.local:33 - cache-miss/scheduled/querying/dns server error: 3 name error","keycloak.sample.com.svc.cluster.local:33 - cache-miss/scheduled/querying/dns server error:
kong plugin configuration
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: oidc
config:
client_id: nginx
client_secret:
scope: openid
realm: kong
discovery: http://keycloak.sample.com:8081/auth/realms/master/.well-known/openid-configuration
plugin: oidc
this is very likely a networking / DNS issue in my view if you are using containers or non fqdn's
Hi @Trojan295,
I'm having trouble when using kong-oidc with keycloak. kong and keycloak are both running in docker containers in a server (192.168.1.123), keycloak configured to use port "8181:8080", and using ncarlier/kong:0.14.0
the problem is when I try to get to a service through kong, when typing in my local machine's browser http://192.168.1.123:8000/demo I get this message instead of redirecting to keycloak login page:
this is my plugin configuration: