Uploaded image for project: 'Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces) '
  1. Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces)
  2. CRW-1405

Multiple network errors of OS OAuth authentication in CRW 2.5.1.RC-12-01 on QE OCP 4.6

XMLWordPrintable

    • Icon: QE Task QE Task
    • Resolution: Done
    • Icon: Critical Critical
    • 2.5.1.GA
    • 2.5.0.GA, 2.5.1.GA
    • testing
    • None
    • False
    • False
    • Undefined

      There were multiple CRW 2.5.1.RC-12-01 E2E tests failure caused by OS OAuth login errors https://codeready-workspaces-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/blue/organizations/jenkins/crw-operatorhub-tls-oauth/detail/crw-operatorhub-tls-oauth/540/
       
      Refresh on web-page did help to login.

      The same error had happened on CRW 2.5.0 on the same QE OCP 4.6 instance https://codeready-workspaces-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/job/typescript-tests/18544/

      The problem hadn't been reproduced on QE OCP 4.5.
       

      An example: https://codeready-workspaces-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/job/typescript-tests/18526/

       

      "Codeready server logs: https://codeready-workspaces-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/job/typescript-tests/18526/artifact/logs-and-configs/logs/codeready-6fd885c866-z95d6.pod.log/*view*/"
      020-12-01 04:34:19,133[aceSharedPool-0]  [ERROR] [.IdentityProviderConfigFactory 204]  - Cannot retrieve User OpenShift token from the  'openshift-v4' identity provider
java.io.IOException: Failed access: https://keycloak-crw-operatorhub-tls-oauth.apps.ocp46.crw-qe.com/auth/realms/codeready/broker/openshift-v4/token?token, method: GET, response code: 502, message: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" class="login-pf">

<head>
    <meta charset="utf-8">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta name="robots" content="noindex, nofollow">

            <meta name="viewport" content="width=device-width,initial-scale=1"/>
    <title>Log in to CodeReady Workspaces</title>
    <link rel="icon" href="/auth/resources/qulgq/login/rh-sso/img/favicon.ico" />
            <link href="/auth/resources/qulgq/login/rh-sso/node_modules/rcue/dist/css/rcue.min.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/node_modules/rcue/dist/css/rcue-additions.min.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/lib/zocial/zocial.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/css/login.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/css/login-rhsso.css" rel="stylesheet" />
</head>

<body class="">
  <div class="login-pf-page">
    <div id="kc-header" class="login-pf-page-header">
      <div id="kc-header-wrapper" class="">CodeReady Workspaces</div>
    </div>
    <div class="card-pf ">
      <header class="login-pf-header">
                <h1 id="kc-page-title">        We are sorry...
</h1>
      </header>
      <div id="kc-content">
        <div id="kc-content-wrapper">


        <div id="kc-error-message">
            <p class="instruction">Could not obtain token from identity provider.</p>
        </div>


        </div>
      </div>

    </div>
  </div>
</body>
</html>

	at org.eclipse.che.multiuser.keycloak.server.KeycloakServiceClient.doRequest(KeycloakServiceClient.java:203)
	at org.eclipse.che.multiuser.keycloak.server.KeycloakServiceClient.getIdentityProviderToken(KeycloakServiceClient.java:135)
	at org.eclipse.che.workspace.infrastructure.openshift.multiuser.oauth.IdentityProviderConfigFactory.personalizeConfig(IdentityProviderConfigFactory.java:173)
	at org.eclipse.che.workspace.infrastructure.openshift.multiuser.oauth.IdentityProviderConfigFactory.buildConfig(IdentityProviderConfigFactory.java:167)
	at org.eclipse.che.workspace.infrastructure.openshift.OpenShiftClientFactory.buildConfig(OpenShiftClientFactory.java:142)
	at org.eclipse.che.workspace.infrastructure.openshift.OpenShiftClientFactory.createOC(OpenShiftClientFactory.java:96)
	at org.eclipse.che.workspace.infrastructure.openshift.project.OpenShiftRoutes.delete(OpenShiftRoutes.java:84)
	at org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespace.doRemove(KubernetesNamespace.java:216)
	at org.eclipse.che.workspace.infrastructure.openshift.project.OpenShiftProject.cleanUp(OpenShiftProject.java:148)
	at org.eclipse.che.workspace.infrastructure.kubernetes.RuntimeCleaner.cleanUp(RuntimeCleaner.java:56)
	at org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesInternalRuntime.internalStart(KubernetesInternalRuntime.java:201)
	at org.eclipse.che.api.workspace.server.spi.InternalRuntime.start(InternalRuntime.java:141)
	at org.eclipse.che.api.workspace.server.WorkspaceRuntimes$StartRuntimeTask.run(WorkspaceRuntimes.java:960)
	at org.eclipse.che.commons.lang.concurrent.CopyThreadLocalRunnable.run(CopyThreadLocalRunnable.java:38)
	at java.base/java.util.concurrent.CompletableFuture$AsyncRun.run(CompletableFuture.java:1736)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:834)
2020-12-01 04:34:22,613[aceSharedPool-0]  [WARN ] [.i.k.KubernetesInternalRuntime 255]  - Failed to start Kubernetes runtime of workspace workspacexb2vb6iatukjzshb.
org.eclipse.che.api.workspace.server.spi.InfrastructureException: Error(s) occurs while cleaning up the namespace. Failed access: https://keycloak-crw-operatorhub-tls-oauth.apps.ocp46.crw-qe.com/auth/realms/codeready/broker/openshift-v4/token?token, method: GET, response code: 502, message: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" class="login-pf">

<head>
    <meta charset="utf-8">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta name="robots" content="noindex, nofollow">

            <meta name="viewport" content="width=device-width,initial-scale=1"/>
    <title>Log in to CodeReady Workspaces</title>
    <link rel="icon" href="/auth/resources/qulgq/login/rh-sso/img/favicon.ico" />
            <link href="/auth/resources/qulgq/login/rh-sso/node_modules/rcue/dist/css/rcue.min.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/node_modules/rcue/dist/css/rcue-additions.min.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/lib/zocial/zocial.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/css/login.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/css/login-rhsso.css" rel="stylesheet" />
</head>

<body class="">
  <div class="login-pf-page">
    <div id="kc-header" class="login-pf-page-header">
      <div id="kc-header-wrapper" class="">CodeReady Workspaces</div>
    </div>
    <div class="card-pf ">
      <header class="login-pf-header">
                <h1 id="kc-page-title">        We are sorry...
</h1>
      </header>
      <div id="kc-content">
        <div id="kc-content-wrapper">


        <div id="kc-error-message">
            <p class="instruction">Could not obtain token from identity provider.</p>
        </div>


        </div>
      </div>

    </div>
  </div>
</body>
</html>

	at org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespace.doRemove(KubernetesNamespace.java:230)
	at org.eclipse.che.workspace.infrastructure.openshift.project.OpenShiftProject.cleanUp(OpenShiftProject.java:148)
	at org.eclipse.che.workspace.infrastructure.kubernetes.RuntimeCleaner.cleanUp(RuntimeCleaner.java:56)
	at org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesInternalRuntime.internalStart(KubernetesInternalRuntime.java:201)
	at org.eclipse.che.api.workspace.server.spi.InternalRuntime.start(InternalRuntime.java:141)
	at org.eclipse.che.api.workspace.server.WorkspaceRuntimes$StartRuntimeTask.run(WorkspaceRuntimes.java:960)
	at org.eclipse.che.commons.lang.concurrent.CopyThreadLocalRunnable.run(CopyThreadLocalRunnable.java:38)
	at java.base/java.util.concurrent.CompletableFuture$AsyncRun.run(CompletableFuture.java:1736)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:834)
2020-12-01 04:34:22,884[aceSharedPool-0]  [INFO ] [o.e.c.a.w.s.WorkspaceRuntimes 984]   - Workspace 'admin:java-eap-maven-dmpeg' with id 'workspacexb2vb6iatukjzshb' start failed
2020-12-01 04:54:17,278[nio-8080-exec-5]  [ERROR] [.IdentityProviderConfigFactory 204]  - Cannot retrieve User OpenShift token from the  'openshift-v4' identity provider
java.io.IOException: Failed access: https://keycloak-crw-operatorhub-tls-oauth.apps.ocp46.crw-qe.com/auth/realms/codeready/broker/openshift-v4/token?token, method: GET, response code: 502, message: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" class="login-pf">

<head>
    <meta charset="utf-8">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta name="robots" content="noindex, nofollow">

            <meta name="viewport" content="width=device-width,initial-scale=1"/>
    <title>Log in to CodeReady Workspaces</title>
    <link rel="icon" href="/auth/resources/qulgq/login/rh-sso/img/favicon.ico" />
            <link href="/auth/resources/qulgq/login/rh-sso/node_modules/rcue/dist/css/rcue.min.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/node_modules/rcue/dist/css/rcue-additions.min.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/lib/zocial/zocial.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/css/login.css" rel="stylesheet" />
            <link href="/auth/resources/qulgq/login/rh-sso/css/login-rhsso.css" rel="stylesheet" />
</head>

<body class="">
  <div class="login-pf-page">
    <div id="kc-header" class="login-pf-page-header">
      <div id="kc-header-wrapper" class="">CodeReady Workspaces</div>
    </div>
    <div class="card-pf ">
      <header class="login-pf-header">
                <h1 id="kc-page-title">        We are sorry...
</h1>
      </header>
      <div id="kc-content">
        <div id="kc-content-wrapper">


        <div id="kc-error-message">
            <p class="instruction">Could not obtain token from identity provider.</p>
        </div>


        </div>
      </div>

    </div>
  </div>
</body>
</html>

	at org.eclipse.che.multiuser.keycloak.server.KeycloakServiceClient.doRequest(KeycloakServiceClient.java:203)
	at org.eclipse.che.multiuser.keycloak.server.KeycloakServiceClient.getIdentityProviderToken(KeycloakServiceClient.java:135)
	at org.eclipse.che.workspace.infrastructure.openshift.multiuser.oauth.IdentityProviderConfigFactory.personalizeConfig(IdentityProviderConfigFactory.java:173)
	at org.eclipse.che.workspace.infrastructure.openshift.multiuser.oauth.IdentityProviderConfigFactory.buildConfig(IdentityProviderConfigFactory.java:150)
	at org.eclipse.che.workspace.infrastructure.openshift.OpenShiftClientFactory.buildConfig(OpenShiftClientFactory.java:142)
	at org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesClientFactory.create(KubernetesClientFactory.java:89)
	at org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesPersistentVolumeClaims.delete(KubernetesPersistentVolumeClaims.java:150)
	at org.eclipse.che.workspace.infrastructure.kubernetes.namespace.pvc.PerWorkspacePVCStrategy.cleanup(PerWorkspacePVCStrategy.java:105)
	at org.eclipse.che.workspace.infrastructure.kubernetes.namespace.pvc.WorkspacePVCCleaner.lambda$subscribe$0(WorkspacePVCCleaner.java:56)
	at org.eclipse.che.api.core.notification.EventService.publish(EventService.java:108)
	at org.eclipse.che.multiuser.permission.workspace.server.spi.jpa.MultiuserJpaWorkspaceDao.lambda$remove$0(MultiuserJpaWorkspaceDao.java:112)
	at java.base/java.util.Optional.ifPresent(Optional.java:183)
	at org.eclipse.che.multiuser.permission.workspace.server.spi.jpa.MultiuserJpaWorkspaceDao.remove(MultiuserJpaWorkspaceDao.java:111)
	at org.eclipse.che.api.workspace.server.WorkspaceManager.removeWorkspace(WorkspaceManager.java:362)
	at org.eclipse.che.api.workspace.server.WorkspaceService.delete(WorkspaceService.java:360)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.everrest.core.impl.method.DefaultMethodInvoker.invokeMethod(DefaultMethodInvoker.java:141)
	at org.everrest.core.impl.method.DefaultMethodInvoker.invokeMethod(DefaultMethodInvoker.java:61)
	at org.everrest.core.impl.RequestDispatcher.doInvokeResource(RequestDispatcher.java:307)
	at org.everrest.core.impl.RequestDispatcher.invokeSubResourceMethod(RequestDispatcher.java:298)
	at org.everrest.core.impl.RequestDispatcher.dispatch(RequestDispatcher.java:234)
	at org.everrest.core.impl.RequestDispatcher.dispatch(RequestDispatcher.java:129)
	at org.everrest.core.impl.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:63)
	at org.everrest.core.impl.EverrestProcessor.process(EverrestProcessor.java:121)
	at org.everrest.core.servlet.EverrestServlet.service(EverrestServlet.java:62)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
	at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:290)
	at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:280)
	at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:184)
	at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:89)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
	at org.eclipse.che.commons.logback.filter.IdentityIdLoggerFilter.doFilter(IdentityIdLoggerFilter.java:49)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at org.eclipse.che.multiuser.api.authentication.commons.filter.MultiUserEnvironmentInitializationFilter.doFilter(MultiUserEnvironmentInitializationFilter.java:142)
	at org.eclipse.che.multiuser.keycloak.server.KeycloakEnvironmentInitializationFilter.doFilter(KeycloakEnvironmentInitializationFilter.java:88)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at org.eclipse.che.multiuser.machine.authentication.server.MachineLoginFilter.doFilter(MachineLoginFilter.java:76)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at org.eclipse.che.commons.logback.filter.RequestIdLoggerFilter.doFilter(RequestIdLoggerFilter.java:50)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:121)
	at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:133)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:747)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:615)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1627)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

       

       

      "RH SSO logs: https://codeready-workspaces-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/job/typescript-tests/18526/artifact/logs-and-configs/logs/keycloak-dc5f7794-ppxf6.pod.log"
      [0m[33m04:34:22,533 WARN  [org.keycloak.events] (default task-1) type=IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR, realmId=af1cb071-196f-4426-ad7c-209fd3108faa, clientId=null, userId=null, ipAddress=192.169.2.130, error=couldNotObtainTokenMessage
[0m[31m04:34:22,534 ERROR [org.keycloak.services.resources.IdentityBrokerService] (default task-1) couldNotObtainTokenMessage: org.keycloak.broker.provider.IdentityBrokerException: Could not initialize oAuth metadata
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.social.openshift.OpenshiftV4IdentityProvider.getAuthJson(OpenshiftV4IdentityProvider.java:53)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.social.openshift.OpenshiftV4IdentityProvider.<init>(OpenshiftV4IdentityProvider.java:40)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.social.openshift.OpenshiftV4IdentityProviderFactory.create(OpenshiftV4IdentityProviderFactory.java:25)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.social.openshift.OpenshiftV4IdentityProviderFactory.create(OpenshiftV4IdentityProviderFactory.java:13)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.services.resources.IdentityBrokerService.getIdentityProvider(IdentityBrokerService.java:1263)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.services.resources.IdentityBrokerService.getToken(IdentityBrokerService.java:471)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.services.resources.IdentityBrokerService.retrieveToken(IdentityBrokerService.java:431)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:138)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:535)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:424)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:385)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:356)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:387)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:356)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:150)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:104)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:440)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:229)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:135)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:356)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:138)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:215)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
	at org.jboss.resteasy.resteasy-jaxrs@3.11.2.Final-redhat-00002//org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
	at javax.servlet.api@2.0.0.Final-redhat-00001//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:91)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at org.wildfly.extension.undertow@7.3.3.GA-redhat-00004//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
	at io.undertow.servlet@2.0.31.SP1-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.server.Connectors.executeRootHandler(Connectors.java:370)
	at io.undertow.core@2.0.31.SP1-redhat-00001//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
	at org.jboss.xnio@3.7.9.Final-redhat-00001//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.net.ssl.SSLException: Connection reset
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:127)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:350)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:293)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:288)
	at java.base/sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1581)
	at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:979)
	at org.apache.httpcomponents.core//org.apache.http.impl.io.SessionInputBufferImpl.streamRead(SessionInputBufferImpl.java:137)
	at org.apache.httpcomponents.core//org.apache.http.impl.io.SessionInputBufferImpl.fillBuffer(SessionInputBufferImpl.java:153)
	at org.apache.httpcomponents.core//org.apache.http.impl.io.SessionInputBufferImpl.readLine(SessionInputBufferImpl.java:280)
	at org.apache.httpcomponents.core//org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:138)
	at org.apache.httpcomponents.core//org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:56)
	at org.apache.httpcomponents.core//org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:259)
	at org.apache.httpcomponents.core//org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:163)
	at org.apache.httpcomponents.core//org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:157)
	at org.apache.httpcomponents.core//org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:273)
	at org.apache.httpcomponents.core//org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125)
	at org.apache.httpcomponents.core//org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:272)
	at org.apache.httpcomponents.core//org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
	at org.apache.httpcomponents.core//org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
	at org.apache.httpcomponents.core//org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
	at org.apache.httpcomponents.core//org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
	at org.apache.httpcomponents.core//org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
	at org.apache.httpcomponents.core//org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
	at org.apache.httpcomponents.core//org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.social.openshift.OpenshiftV4IdentityProvider.getOauthMetadataInputStream(OpenshiftV4IdentityProvider.java:62)
	at org.keycloak.keycloak-services@9.0.9.redhat-00001//org.keycloak.social.openshift.OpenshiftV4IdentityProvider.getAuthJson(OpenshiftV4IdentityProvider.java:49)
	... 77 more
	Suppressed: java.net.SocketException: Broken pipe (Write failed)
		at java.base/java.net.SocketOutputStream.socketWrite0(Native Method)
		at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:110)
		at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150)
		at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:81)
		at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:381)
		... 101 more
Caused by: java.net.SocketException: Connection reset
	at java.base/java.net.SocketInputStream.read(SocketInputStream.java:186)
	at java.base/java.net.SocketInputStream.read(SocketInputStream.java:140)
	at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:476)
	at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:470)
	at java.base/sun.security.ssl.SSLSocketInputRecord.bytesInCompletePacket(SSLSocketInputRecord.java:70)
	at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1354)
	at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:963)
	... 97 more

        1. screenshot-Login (1).png
          screenshot-Login (1).png
          34 kB

            rhopp@redhat.com Radim Hopp
            dnochevn Dmytro Nochevnov
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: