Deploying UAA in cloud.gov does not work as intended


Shetty, Viraj S [CTR]
 

I am trying to deploy UAA to cloud.gov (based on Cloud Foundry). The intention is to use that as the identity management for all applications deployed in cloud.gov. I followed the steps laid out in

https://docs.cloudfoundry.org/concepts/architecture/uaa.html#cf

I was able to get the code, build it and deploy locally. Both of the commands below work fine:

uaac target http://localhost:8080/uaa
uaac token client get admin -s adminsecret

Then, I followed the steps to deploy in cloud.gov. I created a manifest file as below 

applications:
- name: fdic-uaa
  memory: 1024M
  disk_quota: 512M
  instances: 1
  buildpacks: 
    - java_buildpack
  routes:
    - route: fdic-uaa-d.app.cloud.gov
  env:
    SPRING_PROFILES_ACTIVE: default
    UAA_URL: https://fdic-uaa-d.app.cloud.gov
    LOGIN_URL: https://fdic-uaa-d.app.cloud.gov

I followed the steps laid out in "Deploy UAA to Cloud Foundry". After a few updates to the uaa.yml file (uncommenting the SAML Key Configuration and adding an "encryption" field), I was able to deploy to Cloud Foundry without errors. Now when I enter the following command it's okay (though it gives some error: Unknown key: Max-Age = 86400)

uaac target fdic-uaa-d.app.cloud.gov 

But on retrieving the token, I get the error "Bad Credentials"

uaac token client get admin -s adminsecret
error response:
{
  "error": "unauthorized",
  "error_description": "Bad credentials"
}
attempt to get token failed

The logs gave the following error 

   2018-12-14T16:12:41.55-0500 [APP/PROC/WEB/0] OUT [2018-12-14 21:12:41.557] cloudfoundry-identity-server - ???? [http-nio-8080-exec-3] .... DEBUG --- ClientDetailsAuthenticationProvider: User 'admin' not found
   2018-12-14T16:12:41.55-0500 [APP/PROC/WEB/0] OUT [2018-12-14 21:12:41.557] cloudfoundry-identity-server - ???? [http-nio-8080-exec-3] ....  INFO --- Audit: PrincipalAuthenticationFailure ('null'): principal=admin, origin=[167.176.6.240], identityZoneId=[uaa]
   2018-12-14T16:12:41.55-0500 [APP/PROC/WEB/0] OUT [2018-12-14 21:12:41.557] cloudfoundry-identity-server - ???? [http-nio-8080-exec-3] ....  INFO --- Audit: ClientAuthenticationFailure ('Bad credentials'): principal=admin, origin=[remoteAddress=167.176.6.240, clientId=admin], identityZoneId=[uaa]
   2018-12-14T16:12:41.55-0500 [APP/PROC/WEB/0] OUT [2018-12-14 21:12:41.558] cloudfoundry-identity-server - ???? [http-nio-8080-exec-3] .... DEBUG --- ClientBasicAuthenticationFilter: Authentication request for failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials

I also tried to add a clients section in the uaa.yml file and still get an error. 

    clients:
      admin:
         secret: <some secret>
         authorized-grant-types: client_credentials
         scope: uaa.none
         authorities: uaa.admin,clients.admin,clients.read,clients.write,clients.secret

Any assistance will be helpful. Is there reliable documentation on how to deploy UAA into Cloud Foundry? I am not sure if I need to set some other attributes in the uaa.yml
