[keycloak-user] Gatekeeper security proxy configuration
Scherer, Jonas
jonas.scherer at dkfz-heidelberg.de
Mon Dec 10 09:03:46 EST 2018
Hey everybody,
I try to replace the "old" keycloak security proxy (https://www.keycloak.org/docs/3.3/server_installation/topics/proxy.html)
with Gatekeeper (https://github.com/keycloak/keycloak-gatekeeper).
My setup is within Kubernetes and looks like:
Keycloak
|
|
Gatekeeper ---- reverse-proxy (Traefik) -- application
So http://mypage/myapplication arrives at port 80 on Gatekeeper (GK).
GK will check if the user is logged in and has the correct role and then will proxy the url to the service of my reverse-proxy,
which will handle the routing to the corresponding application within the Kubernetes-cluster.
Everything behind GK is just accessible inside the cluster.
This is working with the old setup and Keylcoak security-proxy, but with Gatekeeper everything is working as expected,
except the proxying to the reverse proxy.
It seems to redirect me to the kubernetes-service url instead of proxying the traffic through GK.
The reverse-proxy service is just accessible within the Cluster so this will not work for me.
Is there a way to configure Gatekeeper to work just like the security proxy?
Thank you for your help!
Jonas
More information about the keycloak-user
mailing list