Failed to get Flow Storage access token from Keycloak
search cancel

Failed to get Flow Storage access token from Keycloak

book

Article ID: 206082

calendar_today

Updated On:

Products

CA Agile Requirements Designer

Issue/Introduction

We are trying to install ARD in cisco VM. 
There is separate VM for application and database.
During the installation we got the Failed to get Flow Storage access token from Keycloak error .
This error came when we started the apache tomcat.
Keycloak and Hub install are installed properly. 

In the ARDFlowstorage and keyclock database table are created successfully.

Environment

ARD HUB 3.1
Keycloak 5.0

Component : CA Agile Requirements Designer

Cause

Unkown environment issue caused redirect to HTTPS which had to be disabled.

Resolution

below is a recap of what we saw and did.
1) we had to copy the .ard from the C:\Windows\System32\config\systemprofile\.ard to C:\Windows\ServiceProfiles\LocalService\.ard
2) we had to edit the C:\Windows\ServiceProfiles\LocalService\.ard\conf\pla.properties and add the siteid and domain to this file as per the directions.
3) After installing the keycloak 5.0 and trying to run the command <HUBINSTALL>\keycloak>keycloak-setup.bat
4) We received the following error:
Configuring admin credentials to manage Keycloak
Logging into http://XXX.XXX.XXX.XXX:9999/ard/api/iam/auth as user admin of realm master
HTTPS required [invalid_request]
Checking if ARD is already configured
No server specified. Use --server, or 'kcadm.bat config credentials or connection'.
4) If we tried to login to Keycloak WEB UI using IP address hostname or FQDN we would get an error
we'are sorry
HTTP Required
6) the logs would show:
10:48:43,403 WARN [org.keycloak.events] (default task-1) type=LOGIN_ERROR, realmId=master, clientId=null, userId=null, ipAddress=XXX.XXX.XXX.XXX, error=ssl_required 10:49:18,937 WARN [org.keycloak.events] (default task-1) type=LOGIN_ERROR, realmId=master, clientId=null, userId=null, ipAddress=XXX.XXX.XXX.XXX, error=ssl_required
7) adding entries in the HOSTS file for the IPV4 address and localhost, hostname and FQDN did not help
8) set the system variables to IPV4 Adress, or hostname or FQDN did not change the problem.
KEYCLOAK_HOME=E:\keycloak
KEYCLOAK_ADDR=XXX.XXX.XXX.XXX
KEYCLOAK_PORT=9999
ARD_ADDR=XXX.XXX.XXX.XXX
ARD_PORT=8080
ARD_TEST_USERS=false
JAVA_OPTS=--add-modules=java.se
9) Adding the KEYCLOAK_HOST=XXX.XXX.XXX.XXX to the environment did not help
10) We did find we COULD connect to http://localhost:9999/ard/api/iam/auth
11) from the E:\keycloak\bin directory we ran the below command:
call kcadm.bat config credentials --server http://localhost:9999/ard/api/iam/auth --realm master --user admin --password admin
12) we then ran the following command:
call kcadm.bat update realms/master -s sslRequired=NONE
13) once this was done we could then continue on to the next step and run the <hub_install_dir>/keycloak/keycloak-setup.bat and this finished without errors.
14) we then restarted the keycloak and apache services and were able to log in using localhost, hostname, ipaddress or FQDN

Additional Information

Environment:
Windows 2016 server
keycloak 5.0.0
Java hotspot 11
MS SQL server 15
Tomcat 9.0.38

Powered by Wolken Software