[keycloak-user] Always redirected to login form

Stian Thorgersen stian at redhat.com
Wed Jan 21 01:17:57 EST 2015


Does it work if you bypass the proxy?

----- Original Message -----
> From: "Marko Radinovic" <markoradinovic79 at gmail.com>
> To: keycloak-user at lists.jboss.org
> Sent: Tuesday, 20 January, 2015 8:17:41 PM
> Subject: [keycloak-user] Always redirected to login form
> 
> Hi,
> When I try to login to master realm, I’am redirected back to login page.
> 
> I’m using:
> Wildfly 8.2.0.Final
> Keycloak version 1.1.0-Beta2
> Apache2 as proxy server.
> 
> Here is my apache configuration
> 
> IfModule mod_ssl.c>
> <VirtualHost _default_:443>
> ServerName accounts.e-karton.net
> 
> ErrorLog ${APACHE_LOG_DIR}/ accounts.e-karton.net -error.log
> CustomLog ${APACHE_LOG_DIR}/ accounts.e-karton.net -access.log combined
> 
> SSLEngine on
> SSLProtocol all -SSLv2
> SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
> 
> …SSL stuff omitted
> 
> 
> BrowserMatch "MSIE [2-6]" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
> # MSIE 7 and newer should be able to use keepalive
> BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
> 
> 
> SetOutputFilter DEFLATE
> SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|ico|png)$ \ no-gzip dont-vary
> SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ \no-gzip dont-vary
> SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|ico|png)$ \ no-gzip dont-vary
> SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ \no-gzip dont-vary
> SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary
> 
> BrowserMatch ^Mozilla/4 gzip-only-text/html
> BrowserMatch ^Mozilla/4\.0[678] no-gzip
> BrowserMatch \bMSIE !no-gzip !gzip-only-text/htmles
> 
> # Turn off support for true Proxy behaviour as we are acting as
> # a transparent proxy
> ProxyRequests Off
> 
> # Turn off VIA header as we know where the requests are proxied
> ProxyVia Off
> ProxyPreserveHost On
> RequestHeader set X-Forwarded-Proto "https"
> SSLProxyEngine on
> <Proxy *>
> AddDefaultCharset Off
> Order deny,allow
> Allow from all
> </Proxy>
> 
> 
> ProxyPass / ajp://192.168.5.17:8009/
> ProxyPassReverse / ajp://192.168.5.17:8009/
> </VirtualHost>
> </IfModule>
> 
> 
> Wildfly configuration:
> 
> <subsystem xmlns="urn:jboss:domain:undertow:1.2">
> <buffer-cache name="default"/>
> <server name="default-server">
> <ajp-listener name="ajp" scheme="https" socket-binding="ajp"/>
> <http-listener name="default" certificate-forwarding="true"
> socket-binding="http" proxy-address-forwarding="true"/>
> <host name="default-host" alias="localhost">
> <location name="/" handler="welcome-content"/>
> <filter-ref name="server-header"/>
> <filter-ref name="x-powered-by-header"/>
> </host>
> <host name="accounts" alias=" accounts.e-karton.net "
> default-web-module="auth-server.war"/>
> </server>
> <servlet-container name="default">
> <jsp-config/>
> <websockets/>
> </servlet-container>
> <handlers>
> <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
> </handlers>
> <filters>
> <response-header name="server-header" header-name="Server"
> header-value="WildFly/8"/>
> <response-header name="x-powered-by-header" header-name="X-Powered-By"
> header-value="Undertow/1"/>
> </filters>
> </subsystem>
> 
> Keycloak jboss-web.xml
> 
> <?xml version="1.0"?>
> <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 5.0//EN" "
> http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd ">
> <jboss-web>
> <context-root>/</context-root>
> <virtual-host>accounts</virtual-host>
> </jboss-web>
> 
> Can anyone help me with this?
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list