[keycloak-user] Significant SSL issue: Support for reverse proxies
Josh
smysnk at gmail.com
Fri Jun 13 03:41:32 EDT 2014
Hi guys,
So looking to help solve this issue possibly or at least get it on the
radar, I've reported it here: https://issues.jboss.org/browse/KEYCLOAK-497
To breifly recap the issue, when logging in via reverse proxy it keeps
forwarding the browser from https back to regular http.
Eg. Apache virtualhost configured as:
<VirtualHost *:443>
ServerName auth.domain.com
SSLEngine On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyVia Off
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://keycloak.core.docker:8080/
ProxyPassReverse / http://keycloak.core.docker:8080/
</VirtualHost>
If I were to start looking into the code base, where would I start? Trying
to find for example during the login process how the forward url is formed?
Thanks,
Josh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140613/baa0bee4/attachment.html
More information about the keycloak-user
mailing list