<div dir="ltr">Hey Chris!<div><br></div><div>glad to hear about the progress :) </div><div><br></div><div>regarding the &quot;Invalid redirect_uri&quot;, looks like something goes wrong with the redirect/ forward.</div><div>On the page were you get the login form (or the Invalid redirect_uri), can you compare the URL in the browser ? </div><div>(especially the part after the &amp;redirect_uri param).</div><div><br></div><div>On the 500, any stack trace there?</div><div><br></div><div>Thanks,</div><div>Matthias</div><div><br></div><div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Oct 17, 2014 at 7:38 AM, chale <span dir="ltr">&lt;<a href="mailto:chris.hale@me.com" target="_blank">chris.hale@me.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
                <div>I am having a little more positive progress and a few more useful things to report from me trying to get this working.
                </div><div>The logs below aren’t an issue anymore.  Here is how i now have things setup. </div><div><br></div><div>I have nginx setup and running on port 443 and my nginx config looks like this</div><div><div>location / {</div><div>        if ($http_user_agent ~ ^$) {</div><div>#                return 403;</div><div>        }</div><div><br></div><div>        proxy_pass <a href="http://10.128.93.235:8080/" target="_blank">http://10.128.93.235:8080/</a>;</div><div>        proxy_redirect off;</div><div><br></div><div>        proxy_set_header Host $host;</div><div>proxy_set_header X-Forwarded-Proto &quot;https&quot;;</div><div>proxy_set_header X-Forwarded-Host $host;</div><div>        proxy_set_header X-Forwarded-Server $host;</div><div>       proxy_set_header X-Real-IP $remote_addr;</div><div>        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</div><div>    }</div></div><div><br></div><div><br></div><div>I seem to be able to login if i choose <a href="http://myserver.com" target="_blank">http://myserver.com</a>  but if i try and do <a href="https://myserver.com/ag-push" target="_blank">https://myserver.com/ag-push</a> </div><div><br></div><div>I get a message that is saying we are sorry <span style="color:rgb(255,255,255);font-family:&#39;Open Sans&#39;,Helvetica,Arial,sans-serif;font-size:12px;line-height:20px;background-color:rgba(0,0,0,0.2)">Invalid redirect_uri. .   </span></div><div><br></div><div>In looking at the http requests I am seeing </div><div><span style="color:rgb(48,57,66);font-family:Menlo,monospace;font-size:11px;white-space:pre-wrap">/auth/realms/aerogear/tokens/login url cause a 500</span></div>
                <div><div><br></div><div>Any way to troubleshoot why its giving a 500?</div><div><br></div><div>Thanks in advance,</div><div><br></div><div><br></div><div><br></div><div><br></div><div>-- </div><div>Chris Hale</div><div>Sent with <a href="http://www.sparrowmailapp.com/?sig" rel="nofollow" link="external" target="_blank">Sparrow</a></div><div><br></div></div><span class="">
                 
                <p style="color:rgb(160,160,168)">On Friday, October 17, 2014 at 12:31 AM, Matthias Wessendorf [via aerogear-dev] wrote:</p>
                </span><blockquote style="border-left-width:2px;border-left-style:solid;border-left-color:rgb(204,204,204);padding:0px 1em" type="cite">
                    <span><div><div><span class="">

        <div dir="ltr">Hi Chris!<div><br></div><div>thanks for trying the UnifiedPush Server. I have never tried to run the UPS behind a (ngnix) proxy. Does the same config work w/o the proxy? The stack above says &quot;Unable to resolve realm public key remotely&quot;, so I am wondering if the Keycoak Auth-Server is deployed as well.</div><div><br></div><div>In the meantime I&#39;ll ask our Keycloak friends if they have any experience on this.</div><div><br></div><div>Thanks,</div><div>Matthias</div></div></span><div><br><div><div><div class="h5">On Fri, Oct 17, 2014 at 6:59 AM, chale <span dir="ltr">&lt;<a href="http://user/SendEmail.jtp?type=node&amp;node=9490&amp;i=0" rel="nofollow" link="external" target="_blank">[hidden email]</a>&gt;</span> wrote:<br></div></div><blockquote style="border-left-width:2px;border-left-style:solid;border-left-color:rgb(204,204,204);padding:0px 1em" type="cite"><div><div><div class="h5">Hi,<br>
    I need some help.  I am trying to setup aerogear behind a nginx proxy<br>
server that has ssl enabled and I am running into issues.  Anytime i try to<br>
go to /ag-push I see this in the logs<br>
<br>
RROR [org.apache.catalina.connector.CoyoteAdapter]<br>
(http--10.128.93.235-8080-5) An exception or error occurred in the container<br>
during the request processing: java.lang.RuntimeException: Unable to resolve<br>
realm public key remotely, status = 403<br>
        at<br>
org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:69)<br>
[keycloak-adapter-core-1.0-final.jar:]<br>
        at<br>
org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:55)<br>
[keycloak-adapter-core-1.0-final.jar:]<br>
        at<br>
org.keycloak.adapters.as7.AuthenticatedActionsValve.invoke(AuthenticatedActionsValve.java:45)<br>
[keycloak-as7-adapter-1.0-final.jar:]<br>
        at<br>
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at<br>
org.keycloak.adapters.as7.KeycloakAuthenticatorValve.invoke(KeycloakAuthenticatorValve.java:135)<br>
[keycloak-as7-adapter-1.0-final.jar:]<br>
        at<br>
<a href="http://org.jboss.as" target="_blank">org.jboss.as</a>.<a href="http://web.security.SecurityContextAssociationValve.invoke" rel="nofollow" link="external" target="_blank">web.security.SecurityContextAssociationValve.invoke</a>(SecurityContextAssociationValve.java:153)<br>
[jboss-as-web-7.1.1.Final.jar:7.1.1.Final]<br>
        at<br>
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at<br>
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at<br>
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at<br>
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at<br>
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at<br>
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)<br>
[jbossweb-7.0.13.Final.jar:]<br>
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]<br>
<br>
Does anyone have any advice or experience on how to go about setting up<br>
aerogear behind an nginx proxy?<br>
<br>
<br>
<br>
--<br>
View this message in context: <a href="http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-nginx-proxy-tp9489.html" rel="nofollow" link="external" target="_blank">http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-nginx-proxy-tp9489.html</a><br>
Sent from the aerogear-dev mailing list archive at <a href="http://Nabble.com" rel="nofollow" link="external" target="_blank">Nabble.com</a>.<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
</div></div><a href="http://user/SendEmail.jtp?type=node&amp;node=9490&amp;i=1" rel="nofollow" link="external" target="_blank">[hidden email]</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" rel="nofollow" link="external" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</div></blockquote></div><span class=""><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" rel="nofollow" link="external" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" rel="nofollow" link="external" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" rel="nofollow" link="external" target="_blank">http://twitter.com/mwessendorf</a>
</span></div>
<br>_______________________________________________
<br>aerogear-dev mailing list
<br><a href="http://user/SendEmail.jtp?type=node&amp;node=9490&amp;i=2" rel="nofollow" link="external" target="_blank">[hidden email]</a>
<br><a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" rel="nofollow" link="external" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a>

                
                
                
        <br>
        <br>
        <hr noshade size="1" color="#cccccc">
        <div style="color:rgb(68,68,68);font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:tahoma,geneva,helvetica,arial,sans-serif">
                <div style="font-weight:bold">If you reply to this email, your message will be added to the discussion below:</div>
                <a href="http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-nginx-proxy-tp9489p9490.html" rel="nofollow" link="external" target="_blank">http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-nginx-proxy-tp9489p9490.html</a>
        </div>
        <div style="color:rgb(102,102,102);font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:11px;font-family:tahoma,geneva,helvetica,arial,sans-serif;margin-top:0.4em;line-height:1.5em">
                        
                To unsubscribe from setting up aerogear behind nginx proxy, <a rel="nofollow" link="external">click here</a>.<br>
                <a href="http://aerogear-dev.1069024.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&amp;id=instant_html%21nabble%3Aemail.naml&amp;base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&amp;breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml" rel="nofollow" style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:9px;line-height:normal;font-family:serif" link="external" target="_blank">NAML</a>
        </div></div></div></span>
                 
                 
                 
                 
                </blockquote>
                 
                <div>
                    <br>
                </div>


        
        
        
<br><hr align="left" width="300">
View this message in context: <a href="http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-nginx-proxy-tp9489p9491.html" target="_blank">Re: [aerogear-dev] setting up aerogear behind nginx proxy</a><div class=""><div class="h5"><br>
Sent from the <a href="http://aerogear-dev.1069024.n5.nabble.com/" target="_blank">aerogear-dev mailing list archive</a> at Nabble.com.<br></div></div><br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div></div>