# curl https://jiazha:firstname.lastname@example.org/auth/realms/rhc4tp/protocol/docker-v2/auth\?service\=docker-registry -X GET -I
HTTP/1.1 500 Internal Server Error
Cache-Control: no-store, must-revalidate, max-age=0
Content-Security-Policy: frame-src 'self'
Date: Mon, 18 Dec 2017 09:55:12 GMT
Set-Cookie: KC_RESTART=eyJhbGciOiJIUzI1NiIsImtpZCIgOiAiNWU4MmIyZmQtYzUwMC00MWExLTk1ZGMtMTFlMTkxNTY1ZjVhIn0.eyJjcyI6ImVlZjRlMWMwLTQ1YmEtNGJiMC05ZWRkLTYxZWNmZGRkMTU3ZiIsImNpZCI6ImRvY2tlci1yZWdpc3RyeSIsInB0eSI6ImRvY2tlci12MiIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNlcnZpY2UiOiJkb2NrZXItcmVnaXN0cnkiLCJzY29wZSI6bnVsbCwiZG9ja2VyLmlzcyI6Imh0dHBzOi8vc3NvLnJlZGhhdC5jb20vYXV0aC9yZWFsbXMvcmhjNHRwIiwiYWNjb3VudCI6bnVsbH19.n92AfvfIcfnZrROMiFCFlmsi8eEdI8cvRdhabLZ0WBo; Version=1; Path=/auth/realms/rhc4tp; HttpOnly
Set-Cookie: BIGipServer~prod~keycloak-webssl-https=610731274.64288.0000; path=/; Httponly; Secure
Set-Cookie: sso_origin_dc=origin-sso-phx2.redhat.com; path=/; domain=sso.redhat.com; secure; HttpOnly
Set-Cookie: sso_origin_dc=novalue; expires=Thu, 21-Dec-1990 11:59:00 GMT; path=/; domain=sso.redhat.com; secure; HttpOnly
And no idea if the authURL still available.
I see one problem with your registry config. You are using the URL registry.connect.redhat.com (which is correct in this instance when using the openshift registry adapter. However, the image `openshift3/postgresql-apb` does not exist on this registry. That image exists in RHCC at registry.access.redhat.com. To use that image you would use the `rhcc` registry adapter.
I will investigate if the authUrl has changed.
First step should be to change the image to one that exists in the ISV registry. I would use `rocketchat/rocketchat-apb`. (https://access.redhat.com/containers/?tab=overview#/registry.connect.redhat.com/rocketchat/rocketchat-apb)
Zhang & Jian,
I apologize I didn't respond sooner this was lost in the shutdown. The host is no longer active and I am still unable to reproduce this on my local machine using your credentials. Is it possible that you are dealing with a proxy that cannot talk to registry.connect.redhat.com? I'm happy to look at another host if you can reproduce.
Thank you for setting up another host. I have confirmed that this issue is present in the ansible-service-broker image on the aws registry which you are using. I tested on your host with our latest upstream image and saw success using your credentials. I cannot track down what specific change to the adapter your image is built on but I can confirm it is fixed in the latest builds upstream so I will ensure this fix is in RHCC. I will move the bug to ON_QA when it is built and ready to be tested again.
Thank you for the clarification! You are right this problem does exist in the 3.7 image. I have figured out what it is causing this. We have a bug if the user does not set `auth_type` in the broker config.
To workaround this, in the registry config you can set `auth_type` to `config`. This will then use your proper credentials. I am also going to post a PR to set the user/pass if auth_type isn't set.
Previous PR link was invalid:
This will not be fixed in 3.7.x I will be filing a docs bug to ensure the user is setting auth_type in the registry config.
Associated documentation bug.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.