[aerogear-dev] setting up aerogear behind nginx proxy
Matthias Wessendorf
matzew at apache.org
Tue Nov 4 01:34:31 EST 2014
Hello Chris,
how did the configuration go? Were you able to setup the unifiedpush server
behind your nginx proxy?
Thanks,
Matthias
On Fri, Oct 17, 2014 at 8:35 AM, Stian Thorgersen <stian at redhat.com> wrote:
> Hi Chris,
>
> Can you copy/paste the full URL where you get the 'invalid redirect_uri'
> message?
>
> For details about setting up reverse proxy with Keycloak look at
> http://docs.jboss.org/keycloak/docs/1.0.2.Final/userguide/html/server-installation.html#d4e298.
> Key things are X-Forwarded-For and X-Forwarded-Proto which it looks like
> you've added, but you also need to do some changes to standalone.xml.
>
> ----- Original Message -----
> > From: "Matthias Wessendorf" <matzew at apache.org>
> > To: "AeroGear Developer Mailing List" <aerogear-dev at lists.jboss.org>
> > Sent: Friday, 17 October, 2014 8:08:08 AM
> > Subject: Re: [aerogear-dev] setting up aerogear behind nginx proxy
> >
> > Hey Chris!
> >
> > glad to hear about the progress :)
> >
> > regarding the "Invalid redirect_uri", looks like something goes wrong
> with
> > the redirect/ forward.
> > On the page were you get the login form (or the Invalid redirect_uri),
> can
> > you compare the URL in the browser ?
> > (especially the part after the &redirect_uri param).
> >
> > On the 500, any stack trace there?
> >
> > Thanks,
> > Matthias
> >
> >
> > On Fri, Oct 17, 2014 at 7:38 AM, chale < chris.hale at me.com > wrote:
> >
> >
> >
> > I am having a little more positive progress and a few more useful things
> to
> > report from me trying to get this working.
> > The logs below aren’t an issue anymore. Here is how i now have things
> setup.
> >
> > I have nginx setup and running on port 443 and my nginx config looks like
> > this
> > location / {
> > if ($http_user_agent ~ ^$) {
> > # return 403;
> > }
> >
> > proxy_pass http://10.128.93.235:8080/ ;
> > proxy_redirect off;
> >
> > proxy_set_header Host $host;
> > proxy_set_header X-Forwarded-Proto "https";
> > proxy_set_header X-Forwarded-Host $host;
> > proxy_set_header X-Forwarded-Server $host;
> > proxy_set_header X-Real-IP $remote_addr;
> > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> > }
> >
> >
> > I seem to be able to login if i choose http://myserver.com but if i try
> and
> > do https://myserver.com/ag-push
> >
> > I get a message that is saying we are sorry Invalid redirect_uri. .
> >
> > In looking at the http requests I am seeing
> > /auth/realms/aerogear/tokens/login url cause a 500
> >
> > Any way to troubleshoot why its giving a 500?
> >
> > Thanks in advance,
> >
> >
> >
> >
> > --
> > Chris Hale
> > Sent with Sparrow
> >
> >
> >
> > On Friday, October 17, 2014 at 12:31 AM, Matthias Wessendorf [via
> > aerogear-dev] wrote:
> >
> >
> > Hi Chris!
> >
> > thanks for trying the UnifiedPush Server. I have never tried to run the
> UPS
> > behind a (ngnix) proxy. Does the same config work w/o the proxy? The
> stack
> > above says "Unable to resolve realm public key remotely", so I am
> wondering
> > if the Keycoak Auth-Server is deployed as well.
> >
> > In the meantime I'll ask our Keycloak friends if they have any
> experience on
> > this.
> >
> > Thanks,
> > Matthias
> >
> > On Fri, Oct 17, 2014 at 6:59 AM, chale < [hidden email] > wrote:
> >
> >
> >
> > Hi,
> > I need some help. I am trying to setup aerogear behind a nginx proxy
> > server that has ssl enabled and I am running into issues. Anytime i try
> to
> > go to /ag-push I see this in the logs
> >
> > RROR [org.apache.catalina.connector.CoyoteAdapter]
> > (http--10.128.93.235-8080-5) An exception or error occurred in the
> container
> > during the request processing: java.lang.RuntimeException: Unable to
> resolve
> > realm public key remotely, status = 403
> > at
> >
> org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:69)
> > [keycloak-adapter-core-1.0-final.jar:]
> > at
> >
> org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:55)
> > [keycloak-adapter-core-1.0-final.jar:]
> > at
> >
> org.keycloak.adapters.as7.AuthenticatedActionsValve.invoke(AuthenticatedActionsValve.java:45)
> > [keycloak-as7-adapter-1.0-final.jar:]
> > at
> >
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397)
> > [jbossweb-7.0.13.Final.jar:]
> > at
> >
> org.keycloak.adapters.as7.KeycloakAuthenticatorValve.invoke(KeycloakAuthenticatorValve.java:135)
> > [keycloak-as7-adapter-1.0-final.jar:]
> > at
> > org.jboss.as . web.security.SecurityContextAssociationValve.invoke
> > (SecurityContextAssociationValve.java:153)
> > [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
> > at
> >
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
> > [jbossweb-7.0.13.Final.jar:]
> > at
> >
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> > [jbossweb-7.0.13.Final.jar:]
> > at
> >
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> > [jbossweb-7.0.13.Final.jar:]
> > at
> >
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
> > [jbossweb-7.0.13.Final.jar:]
> > at
> >
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
> > [jbossweb-7.0.13.Final.jar:]
> > at
> >
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)
> > [jbossweb-7.0.13.Final.jar:]
> > at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
> > [jbossweb-7.0.13.Final.jar:]
> > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]
> >
> > Does anyone have any advice or experience on how to go about setting up
> > aerogear behind an nginx proxy?
> >
> >
> >
> > --
> > View this message in context:
> >
> http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-nginx-proxy-tp9489.html
> > Sent from the aerogear-dev mailing list archive at Nabble.com .
> > _______________________________________________
> > aerogear-dev mailing list
> > [hidden email]
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> >
> >
> > --
> > Matthias Wessendorf
> >
> > blog: http://matthiaswessendorf.wordpress.com/
> > sessions: http://www.slideshare.net/mwessendorf
> > twitter: http://twitter.com/mwessendorf
> >
> > _______________________________________________
> > aerogear-dev mailing list
> > [hidden email]
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> >
> > If you reply to this email, your message will be added to the discussion
> > below:
> >
> http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-nginx-proxy-tp9489p9490.html
> > To unsubscribe from setting up aerogear behind nginx proxy, click here .
> > NAML
> >
> >
> >
> > View this message in context: Re: [aerogear-dev] setting up aerogear
> behind
> > nginx proxy
> >
> > Sent from the aerogear-dev mailing list archive at Nabble.com.
> >
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> >
> >
> > --
> > Matthias Wessendorf
> >
> > blog: http://matthiaswessendorf.wordpress.com/
> > sessions: http://www.slideshare.net/mwessendorf
> > twitter: http://twitter.com/mwessendorf
> >
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20141104/4c999acd/attachment.html
More information about the aerogear-dev
mailing list