[BUG] Unable to use Digital Twin Registry with Keycloak #901
Description
Describe the bug
Starting from BaSyx Secured as a base I tried to run an instance of the new Digital Twin Registry in combination with Keycloak. When not enabling any authorization features the DTR works fine, but whenver I enable them (either using environment in the docker compose file or via the properties file) I get an error.
I mostly want to know if this is a configuration issue or if I am doing something else wrong here.
These are the logs from the DTR component:
____ _____
| _ \ / ____|
| |_) | __ _ | (___ _ _ __ __
| _ < / _` | \___ \ | | | |\ \/ /
| |_) || (_| | ____) || |_| | > <
|____/ \__,_||_____/ \__, |/_/\_\
======================== __/ |======
AAS Discovery Service |___/
2.0.0-PREVIEW
2025-10-30T10:07:19.648Z INFO 1 --- [AAS Discovery Service] [ main] o.e.d.b.d.component.DigitalTwinRegistry : Starting DigitalTwinRegistry v2.0.0-SNAPSHOT using Java 17.0.16 with PID 1 (/application/basyxExecutable.jar started by nobody in /application)
10:07:19.648 [main] INFO o.e.d.b.d.c.DigitalTwinRegistry - Starting DigitalTwinRegistry v2.0.0-SNAPSHOT using Java 17.0.16 with PID 1 (/application/basyxExecutable.jar started by nobody in /application)
2025-10-30T10:07:19.650Z INFO 1 --- [AAS Discovery Service] [ main] o.e.d.b.d.component.DigitalTwinRegistry : The following 2 profiles are active: "logEvents", "InMemory"
10:07:19.650 [main] INFO o.e.d.b.d.c.DigitalTwinRegistry - The following 2 profiles are active: "logEvents", "InMemory"
2025-10-30T10:07:20.650Z INFO 1 --- [AAS Discovery Service] [ main] o.s.b.f.s.DefaultListableBeanFactory : Overriding bean definition for bean 'jackson2ObjectMapperBuilder' with a different definition: replacing [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=baSyxHTTPConfiguration; factoryMethodName=jackson2ObjectMapperBuilder; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.class]] with [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=restConfiguration; factoryMethodName=jackson2ObjectMapperBuilder; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/aasregistry/service/configuration/RestConfiguration.class]]
10:07:20.650 [main] INFO o.s.b.f.s.DefaultListableBeanFactory - Overriding bean definition for bean 'jackson2ObjectMapperBuilder' with a different definition: replacing [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=baSyxHTTPConfiguration; factoryMethodName=jackson2ObjectMapperBuilder; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.class]] with [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=restConfiguration; factoryMethodName=jackson2ObjectMapperBuilder; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/aasregistry/service/configuration/RestConfiguration.class]]
2025-10-30T10:07:20.650Z INFO 1 --- [AAS Discovery Service] [ main] o.s.b.f.s.DefaultListableBeanFactory : Overriding bean definition for bean 'corsConfigurer' with a different definition: replacing [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=baSyxHTTPConfiguration; factoryMethodName=corsConfigurer; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.class]] with [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=restConfiguration; factoryMethodName=corsConfigurer; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/aasregistry/service/configuration/RestConfiguration.class]]
10:07:20.650 [main] INFO o.s.b.f.s.DefaultListableBeanFactory - Overriding bean definition for bean 'corsConfigurer' with a different definition: replacing [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=baSyxHTTPConfiguration; factoryMethodName=corsConfigurer; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.class]] with [Root bean: class=null; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; fallback=false; factoryBeanName=restConfiguration; factoryMethodName=corsConfigurer; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/eclipse/digitaltwin/basyx/aasregistry/service/configuration/RestConfiguration.class]]
2025-10-30T10:07:20.659Z INFO 1 --- [AAS Discovery Service] [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode
10:07:20.659 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2025-10-30T10:07:20.660Z INFO 1 --- [AAS Discovery Service] [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
10:07:20.660 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data JPA repositories in DEFAULT mode.
2025-10-30T10:07:20.782Z INFO 1 --- [AAS Discovery Service] [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 112 ms. Found 1 JPA repository interface.
10:07:20.782 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 112 ms. Found 1 JPA repository interface.
2025-10-30T10:07:21.060Z INFO 1 --- [AAS Discovery Service] [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode
10:07:21.060 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2025-10-30T10:07:21.060Z INFO 1 --- [AAS Discovery Service] [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data MongoDB repositories in DEFAULT mode.
10:07:21.060 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data MongoDB repositories in DEFAULT mode.
2025-10-30T10:07:21.069Z INFO 1 --- [AAS Discovery Service] [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 7 ms. Found 0 MongoDB repository interfaces.
10:07:21.069 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 7 ms. Found 0 MongoDB repository interfaces.
2025-10-30T10:07:21.648Z INFO 1 --- [AAS Discovery Service] [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port 8081 (http)
10:07:21.648 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port 8081 (http)
2025-10-30T10:07:21.656Z INFO 1 --- [AAS Discovery Service] [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
10:07:21.656 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
2025-10-30T10:07:21.656Z INFO 1 --- [AAS Discovery Service] [ main] o.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/10.1.43]
10:07:21.656 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/10.1.43]
2025-10-30T10:07:21.680Z INFO 1 --- [AAS Discovery Service] [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
10:07:21.680 [main] INFO o.a.c.c.C.[Tomcat].[localhost].[/] - Initializing Spring embedded WebApplicationContext
2025-10-30T10:07:21.681Z INFO 1 --- [AAS Discovery Service] [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1994 ms
10:07:21.681 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 1994 ms
2025-10-30T10:07:21.865Z INFO 1 --- [AAS Discovery Service] [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Starting...
10:07:21.865 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2025-10-30T10:07:22.065Z INFO 1 --- [AAS Discovery Service] [ main] com.zaxxer.hikari.pool.HikariPool : HikariPool-1 - Added connection conn0: url=jdbc:h2:mem:f948ae97-8bec-47c0-8685-ecb4b42ff13a user=SA
10:07:22.065 [main] INFO com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Added connection conn0: url=jdbc:h2:mem:f948ae97-8bec-47c0-8685-ecb4b42ff13a user=SA
2025-10-30T10:07:22.068Z INFO 1 --- [AAS Discovery Service] [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Start completed.
10:07:22.068 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
2025-10-30T10:07:22.105Z INFO 1 --- [AAS Discovery Service] [ main] o.hibernate.jpa.internal.util.LogHelper : HHH000204: Processing PersistenceUnitInfo [name: default]
10:07:22.105 [main] INFO o.h.jpa.internal.util.LogHelper - HHH000204: Processing PersistenceUnitInfo [name: default]
2025-10-30T10:07:22.171Z INFO 1 --- [AAS Discovery Service] [ main] org.hibernate.Version : HHH000412: Hibernate ORM core version 6.6.22.Final
10:07:22.171 [main] INFO org.hibernate.Version - HHH000412: Hibernate ORM core version 6.6.22.Final
2025-10-30T10:07:22.207Z INFO 1 --- [AAS Discovery Service] [ main] o.h.c.internal.RegionFactoryInitiator : HHH000026: Second-level cache disabled
10:07:22.207 [main] INFO o.h.c.i.RegionFactoryInitiator - HHH000026: Second-level cache disabled
2025-10-30T10:07:22.551Z INFO 1 --- [AAS Discovery Service] [ main] o.s.o.j.p.SpringPersistenceUnitInfo : No LoadTimeWeaver setup: ignoring JPA class transformer
10:07:22.551 [main] INFO o.s.o.j.p.SpringPersistenceUnitInfo - No LoadTimeWeaver setup: ignoring JPA class transformer
2025-10-30T10:07:22.633Z INFO 1 --- [AAS Discovery Service] [ main] org.hibernate.orm.connections.pooling : HHH10001005: Database info:
Database JDBC URL [Connecting through datasource 'HikariDataSource (HikariPool-1)']
Database driver: undefined/unknown
Database version: 2.3.232
Autocommit mode: undefined/unknown
Isolation level: undefined/unknown
Minimum pool size: undefined/unknown
Maximum pool size: undefined/unknown
10:07:22.633 [main] INFO o.hibernate.orm.connections.pooling - HHH10001005: Database info:
Database JDBC URL [Connecting through datasource 'HikariDataSource (HikariPool-1)']
Database driver: undefined/unknown
Database version: 2.3.232
Autocommit mode: undefined/unknown
Isolation level: undefined/unknown
Minimum pool size: undefined/unknown
Maximum pool size: undefined/unknown
2025-10-30T10:07:23.605Z INFO 1 --- [AAS Discovery Service] [ main] o.h.e.t.j.p.i.JtaPlatformInitiator : HHH000489: No JTA platform available (set 'hibernate.transaction.jta.platform' to enable JTA platform integration)
10:07:23.605 [main] INFO o.h.e.t.j.p.i.JtaPlatformInitiator - HHH000489: No JTA platform available (set 'hibernate.transaction.jta.platform' to enable JTA platform integration)
2025-10-30T10:07:23.656Z INFO 1 --- [AAS Discovery Service] [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
10:07:23.656 [main] INFO o.s.o.j.LocalContainerEntityManagerFactoryBean - Initialized JPA EntityManagerFactory for persistence unit 'default'
2025-10-30T10:07:25.255Z INFO 1 --- [AAS Discovery Service] [ main] org.reflections.Reflections : Reflections took 97 ms to scan 39 urls, producing 146 keys and 634 values
10:07:25.255 [main] INFO org.reflections.Reflections - Reflections took 97 ms to scan 39 urls, producing 146 keys and 634 values
2025-10-30T10:07:25.383Z WARN 1 --- [AAS Discovery Service] [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'discoveryIntegrationAasRegistryFeature' defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/aasregistry-feature-discovery-integration-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/aasregistry/feature/discovery/integration/DiscoveryIntegrationAasRegistryFeature.class]: Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'getAasDiscoveryService' defined in class path resource [org/eclipse/digitaltwin/basyx/aasdiscoveryservice/component/AasDiscoveryServiceConfiguration.class]: Unsatisfied dependency expressed through method 'getAasDiscoveryService' parameter 1: Error creating bean with name 'authorizedAasDiscoveryServiceFeature' defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/basyx.aasdiscoveryservice-feature-authorization-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/aasdiscoveryservice/feature/authorization/AuthorizedAasDiscoveryServiceFeature.class]: Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'getAasDiscoveryServicePermissionResolver' defined in class path resource [org/eclipse/digitaltwin/basyx/aasdiscoveryservice/feature/authorization/AuthorizedAasDiscoveryServiceConfiguration.class]: Unsatisfied dependency expressed through method 'getAasDiscoveryServicePermissionResolver' parameter 1: No qualifying bean of type 'org.eclipse.digitaltwin.basyx.authorization.rbac.RoleProvider' available: expected single matching bean but found 2: keycloakRoleProvider,org.eclipse.digitaltwin.basyx.authorization.rbac.KeycloakRoleProvider
10:07:25.383 [main] WARN o.s.b.w.s.c.AnnotationConfigServletWebServerApplicationContext - Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'discoveryIntegrationAasRegistryFeature' defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/aasregistry-feature-discovery-integration-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/aasregistry/feature/discovery/integration/DiscoveryIntegrationAasRegistryFeature.class]: Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'getAasDiscoveryService' defined in class path resource [org/eclipse/digitaltwin/basyx/aasdiscoveryservice/component/AasDiscoveryServiceConfiguration.class]: Unsatisfied dependency expressed through method 'getAasDiscoveryService' parameter 1: Error creating bean with name 'authorizedAasDiscoveryServiceFeature' defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/basyx.aasdiscoveryservice-feature-authorization-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/aasdiscoveryservice/feature/authorization/AuthorizedAasDiscoveryServiceFeature.class]: Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'getAasDiscoveryServicePermissionResolver' defined in class path resource [org/eclipse/digitaltwin/basyx/aasdiscoveryservice/feature/authorization/AuthorizedAasDiscoveryServiceConfiguration.class]: Unsatisfied dependency expressed through method 'getAasDiscoveryServicePermissionResolver' parameter 1: No qualifying bean of type 'org.eclipse.digitaltwin.basyx.authorization.rbac.RoleProvider' available: expected single matching bean but found 2: keycloakRoleProvider,org.eclipse.digitaltwin.basyx.authorization.rbac.KeycloakRoleProvider
2025-10-30T10:07:25.384Z INFO 1 --- [AAS Discovery Service] [ main] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default'
10:07:25.384 [main] INFO o.s.o.j.LocalContainerEntityManagerFactoryBean - Closing JPA EntityManagerFactory for persistence unit 'default'
2025-10-30T10:07:25.390Z INFO 1 --- [AAS Discovery Service] [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown initiated...
10:07:25.390 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Shutdown initiated...
2025-10-30T10:07:25.391Z INFO 1 --- [AAS Discovery Service] [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown completed.
10:07:25.391 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Shutdown completed.
2025-10-30T10:07:25.393Z INFO 1 --- [AAS Discovery Service] [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
10:07:25.393 [main] INFO o.a.catalina.core.StandardService - Stopping service [Tomcat]
2025-10-30T10:07:25.408Z INFO 1 --- [AAS Discovery Service] [ main] .s.b.a.l.ConditionEvaluationReportLogger :
Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled.
10:07:25.408 [main] INFO o.s.b.a.l.ConditionEvaluationReportLogger -
Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled.
2025-10-30T10:07:25.421Z ERROR 1 --- [AAS Discovery Service] [ main] o.s.b.d.LoggingFailureAnalysisReporter :
***************************
APPLICATION FAILED TO START
***************************
Description:
Parameter 1 of method getAasDiscoveryServicePermissionResolver in org.eclipse.digitaltwin.basyx.aasdiscoveryservice.feature.authorization.AuthorizedAasDiscoveryServiceConfiguration required a single bean, but 2 were found:
- keycloakRoleProvider: defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/basyx.authorization-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/authorization/rbac/KeycloakRoleProvider.class]
- org.eclipse.digitaltwin.basyx.authorization.rbac.KeycloakRoleProvider: defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/basyx.authorization-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/authorization/rbac/KeycloakRoleProvider.class]
This may be due to missing parameter name information
Action:
Consider marking one of the beans as @Primary, updating the consumer to accept multiple beans, or using @Qualifier to identify the bean that should be consumed
Ensure that your compiler is configured to use the '-parameters' flag.
You may need to update both your build tool settings as well as your IDE.
(See https://github.com/spring-projects/spring-framework/wiki/Spring-Framework-6.1-Release-Notes#parameter-name-retention)
10:07:25.421 [main] ERROR o.s.b.d.LoggingFailureAnalysisReporter -
***************************
APPLICATION FAILED TO START
***************************
Description:
Parameter 1 of method getAasDiscoveryServicePermissionResolver in org.eclipse.digitaltwin.basyx.aasdiscoveryservice.feature.authorization.AuthorizedAasDiscoveryServiceConfiguration required a single bean, but 2 were found:
- keycloakRoleProvider: defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/basyx.authorization-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/authorization/rbac/KeycloakRoleProvider.class]
- org.eclipse.digitaltwin.basyx.authorization.rbac.KeycloakRoleProvider: defined in URL [jar:nested:/application/basyxExecutable.jar/!BOOT-INF/lib/basyx.authorization-2.0.0-SNAPSHOT.jar!/org/eclipse/digitaltwin/basyx/authorization/rbac/KeycloakRoleProvider.class]
This may be due to missing parameter name information
Action:
Consider marking one of the beans as @Primary, updating the consumer to accept multiple beans, or using @Qualifier to identify the bean that should be consumed
Ensure that your compiler is configured to use the '-parameters' flag.
You may need to update both your build tool settings as well as your IDE.
(See https://github.com/spring-projects/spring-framework/wiki/Spring-Framework-6.1-Release-Notes#parameter-name-retention)
To Reproduce
Steps to reproduce the behavior:
- Use the docker-compose environment I am testing with
- Run
docker compose up -d - Check the logs of the DTR component
Expected behavior
The DTR should work with a Keycloak instance
BaSyx (please complete the following information):
- BaSyx Version: mostly milestone-08 (only DTR is on snapshot-e3986dd)
Used Asset Administration files (.aasx/.json/.xml)
No shells involved yet
BaSyx configuration
The environment I used is available in this Gist
System (please complete the following information):
- OS: Ubuntu 24.04.3
- CPU architecture: x86 AMD
Additional context
I was unable to find any specific documentation about authorization with the DTR - however: since it is advertised as simply being a combination of registry and discovery I thought it might work.