[keycloak-user] Significant SSL issue: Support for reverse proxies
Juraci Paixão Kröhling
juraci at kroehling.de
Fri Jun 13 03:50:59 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
I faced the exact same issue earlier this week, but with nginx. On a
seems to think that it's being served via non-SSL.
As I haven't had enough time to debug and do a proper fix, the quick
solution was to configure Wildfly to serve Keycloak via SSL and proxy
the request to 8443 instead of 8080. It works, but it's suboptimal.
There are instructions on the documentation on how to setup Wildfly to
serve requests via SSL.
- - Juca.
On 06/13/2014 09:41 AM, Josh wrote:
> Hi guys,
> So looking to help solve this issue possibly or at least get it on
> the radar, I've reported it here:
> To breifly recap the issue, when logging in via reverse proxy it
> keeps forwarding the browser from https back to regular http.
> Eg. Apache virtualhost configured as:
> <VirtualHost *:443> ServerName auth.domain.com
> <http://auth.domain.com> SSLEngine On
> <Proxy *> Order deny,allow Allow from all </Proxy>
> ProxyVia Off ProxyPreserveHost On
> ProxyRequests Off
> ProxyPass / http://keycloak.core.docker:8080/
> ProxyPassReverse / http://keycloak.core.docker:8080/
> If I were to start looking into the code base, where would I
> start? Trying to find for example during the login process how the
> forward url is formed?
> _______________________________________________ keycloak-user
> mailing list keycloak-user at lists.jboss.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the keycloak-user