Hello, I am trying to install apigee with an all in one node topology. I have successfully installed the main modules and logged in to the classic UI with both sysadmin and org admin credentials.
I then binded to an external LDAP (Azure AD Dir. Services), still with Classic UI, and I managed to log in with that setup.
Now I want to migrate to/install the new Edge UI. I am still on the same node, from what I read in the docs staying on the same node makes the Classic UI unusable which is not a problem for me, I just want to run the Edge UI.
My issue is when I try to install the SSO component. I use this command :
$ /opt/apigee/apigee-setup/bin/setup.sh -p sso -f /tmp/apigeeConfig/configFileSSO
With this configFile : apigeeconfigsso.txt
And the setup fails at Stage 3 :
-----------------------------------------------------------
[SETUP STAGE] (3/5): Starting and initializing "apigee-sso"
-----------------------------------------------------------
Restarting apigee-sso service
apigee-service: apigee-sso: apigee-sso is not running
apigee-configutil: apigee-sso: # OK
apigee-service: apigee-sso: Not running (NO_LOCKFILE)
apigee-service: apigee-sso: status=2, continuing
apigee-service: apigee-sso: OK
apigee-service: apigee-sso: apigee-sso is running
apigee-service: apigee-sso: apigee-sso is ready
Provisioning sso clients..
INFO: Successfully created "bootstrap"
INFO: Successfully fetched access token for "bootstrap" client
ERROR: Failure in creating oauth client - "ssoadmin". Response from server was:
HTTP/1.1 201 Cr▒e
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'strict-dynamic' 'nonce-MjAxOS0xMS0yMlQxMDozNToxN1puMFpvMWRoUnh3a00vdw' 'unsafe-inline' http: https:; object-src 'none'; base-uri 'none'
Content-Type: application/json;charset=utf-8
Content-Length: 431
Date: Fri, 22 Nov 2019 10:35:17 GMT
Server: Apache
{"scope":["uaa.none"],"client_id":"ssoadmin","resource_ids":["none"],"authorized_grant_types":["client_credentials"],"autoapprove":[],"access_token_validity":300,"action":"none","authorities":["clients.read","zones.read","scim.userids","clients.secret","uaa.admin","clients.admin","scim.zones","scim.read","password.write","mfa.unlink","zones.write","clients.write","scim.write"],"name":"ssoadmin","lastModified":1574418917944}
Error: setup.sh: /opt/apigee/apigee-service/bin/apigee-service exited with unexpected status 1
- Why am I getting an error with a correct response code from the server (201 Created) ?
If I repeat the command it will fail at the same stage with a 409 Conflict (Client already exists: ssoadmin)
ERROR: Failure in creating oauth client - "ssoadmin". Response from server was:
HTTP/1.1 409 Conflit
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'strict-dynamic' 'nonce-MjAxOS0xMS0yMlQxMDozNjoyNFpSOUpDQ0U5QVBqUWZOUQ' 'unsafe-inline' http: https:; object-src 'none'; base-uri 'none'
Content-Type: application/json;charset=utf-8
Content-Length: 82
Date: Fri, 22 Nov 2019 10:36:24 GMT
Server: Apache
{"error":"invalid_client","error_description":"Client already exists: ssoadmin"}
- Should I install something else before SSO ? I understand that in order to make Edge UI work I need SSO and External IDP config (LDAP).
Thank You,
LinkedIn
Twitter
