springone2019
springone2019 copied to clipboard
jzheaux
Realms are not imported
The realms one-relam.json and two-realm.json are not imported on startup. The following error is observed:
keycloak_1 | 16:55:37,245 WARN [org.keycloak.services] (ServerService Thread Pool -- 69) KC-SERVICES0005: Unable to import realm one from file /tmp/one-realm.json.: java.lang.RuntimeException: Script upload is disabled
keycloak_1 | at [email protected]//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.updatePolicy(JSPolicyProviderFactory.java:125)
keycloak_1 | at [email protected]//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.onImport(JSPolicyProviderFactory.java:70)
...
keycloak_1 | 16:55:41,005 WARN [org.keycloak.services] (ServerService Thread Pool -- 69) KC-SERVICES0005: Unable to import realm two from file /tmp/two-realm.json.: java.lang.RuntimeException: Script upload is disabled
keycloak_1 | at [email protected]//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.updatePolicy(JSPolicyProviderFactory.java:125)
keycloak_1 | at [email protected]//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.onImport(JSPolicyProviderFactory.java:70)
When I also try to import it from the keycloak admin console, I get the following exception:
keycloak_1 | 16:58:33,866 WARN [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (default task-1) SQL Error: 23506, SQLState: 23506
keycloak_1 | 16:58:33,868 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (default task-1) Referential integrity constraint violation: "FK_C_CLI_SCOPE_SCOPE: PUBLIC.CLIENT_SCOPE_CLIENT FOREIGN KEY(SCOPE_ID) REFERENCES PUBLIC.CLIENT_SCOPE(ID) ('677b61a4-705f-4d8d-b6e2-b9e2a4153522')"; SQL statement:
keycloak_1 | insert into CLIENT_SCOPE_CLIENT (DEFAULT_SCOPE, CLIENT_ID, SCOPE_ID) values (?, ?, ?) [23506-193]
keycloak_1 | 16:58:33,893 ERROR [org.keycloak.services] (default task-1) KC-SERVICES0037: Error creating admin: org.keycloak.models.ModelDuplicateException: javax.persistence.PersistenceException: org.hibernate.exception.ConstraintViolationException: could not execute statement
keycloak_1 | at [email protected]//org.keycloak.connections.jpa.PersistenceExceptionConverter.convert(PersistenceExceptionConverter.java:57)
You can make it work by using an older version of keycloak (6.0.1). Modify etc/docker-compose.yml so that the keycloack image specifie the correct version:
image: jboss/keycloak:6.0.1
change the docker compose file to be: KEYCLOAK_IMPORT: /tmp/one-realm.json,/tmp/two-realm.json -Dkeycloak.profile.feature.upload_scripts=enabled
@LBoraz I didn't work for me on keycloak 11, I get
FATAL [org.keycloak.services] (ServerService Thread Pool -- 69) Error during startup: java.lang.RuntimeException: java.io.FileNotFoundException: /opt/jboss/keycloak/my-realm.json (No such file or directory)
Even though I have verified that file exists there.
My bad @LBoraz , Had to do it in container image, else the file gets removed of something. Anyways works in Dockerfile:
ENV KEYCLOAK_IMPORT "/tmp/my_realm.json" -Dkeycloak.profile.feature.upload_scripts=enabled