[keycloak-user] How to configure keycloak with NGINX for J2EE web application?

subodhomjoshi82 subodhcjoshi82 at gmail.com
Wed Jan 24 04:28:44 EST 2018


How was my web application previously set up with Keycloak?

    Installed Keycloak on the server machine
    Deployed the web application in the JBoss server
    Added the Keycloak certificate into the Java keytool on the machine where the web app is running.
    Made the following changes in the standalone.xml file of JBoss ES6.4

*Added Extension*

 <extension module="org.keycloak.keycloak-adapter-subsystem"/>

*Added security-domain*

<security-domain name="keycloak">
    <authentication>
        <login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"/>
    </authentication>
</security-domain>

*Added Connector*

<connector name="https" protocol="HTTP/1.1" scheme="https"
           socket-binding="https" enable-lookups="false" secure="true">
    <ssl name="ssl" key-alias="initcert" password="keycloak"
         certificate-key-file="C:\Code_Base\keycloak_certificates\keycloak_server\keycloak.jks"
         protocol="TLSv1,SSLv3,SSLv2" verify-client="false"/>
</connector>

*Add SubSystem*

<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
    <secure-deployment name="MyApp.war">
        <realm>MYRealm</realm>
        <resource>MyApp</resource>
        <use-resource-role-mappings>true</use-resource-role-mappings>
        <auth-server-url>https://<Server IP>/auth/</auth-server-url>
        <ssl-required>NONE</ssl-required>
        <credential name="secret">5c9f6ea3-3448-4569-b6c4-a9e62de4db52</credential>
    </secure-deployment>
</subsystem>

So the above changes are working fine: my web application shows the Keycloak
login page, and after a successful login it shows my web app's home page.

Now my requirement is to run Keycloak in HA mode with NGINX as the load
balancer, so NGINX will be the front end and will decide which Keycloak to
point to when hitting https://<NGINX IP ADDRESS>/auth. The things below are
already done.

*What is already done?*

    Installed HA Keycloak on Node1 and it is running.
    Installed HA Keycloak on Node2 and it is running.
    Installed the common database (used by the above Keycloak instances) on Node3 and it is running.
    Installed NGINX on Node4 and it is running.
    Configured both Keycloak instances (Step 1 and Step 2) with NGINX
    Now the NGINX URL (https://<IP ADDRESS>/auth) shows the Keycloak login page and login is also working.

Now can someone please tell me what changes I have to make in JBoss so it will
work with the new setup?



--
Sent from: http://keycloak-user.88327.x6.nabble.com/
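
Added example, not part of the original post and not Keycloak or JBoss project code: a Python check that reads a standalone.xml-style fragment and reports the connector and adapter settings worth reviewing before the move behind NGINX (legacy SSL/TLS protocol versions, ssl-required set to NONE, and an auth-server-url that does not point at the expected front-end host). The sample XML, the host names and the function names are constructed assumptions, as is the premise that the adapter should reach Keycloak through the NGINX address.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample mirroring the settings in the post (placeholder host names).
SAMPLE = """<server>
  <connector name="https" protocol="HTTP/1.1" scheme="https" secure="true">
    <ssl name="ssl" protocol="TLSv1,SSLv3,SSLv2" verify-client="false"/>
  </connector>
  <subsystem xmlns="urn:jboss:domain:keycloak:1.1">
    <secure-deployment name="MyApp.war">
      <auth-server-url>https://keycloak.example.test/auth/</auth-server-url>
      <ssl-required>NONE</ssl-required>
    </secure-deployment>
  </subsystem>
</server>"""

LEGACY = {"SSLV2", "SSLV3", "TLSV1", "TLSV1.1"}  # deprecated protocol versions


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tags."""
    return tag.rsplit("}", 1)[-1]


def audit(xml_text, expected_host):
    """Return findings for the HTTPS connector and Keycloak adapter settings."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        name = local(el.tag)
        if name == "ssl":
            protos = [p.strip() for p in el.get("protocol", "").split(",") if p.strip()]
            bad = [p for p in protos if p.upper() in LEGACY]
            if bad:
                findings.append("connector enables legacy protocols: " + ",".join(bad))
        elif name == "secure-deployment":
            dep = el.get("name")
            vals = {local(c.tag): (c.text or "").strip() for c in el}
            url = urlparse(vals.get("auth-server-url", ""))
            if url.scheme != "https":
                findings.append(f"{dep}: auth-server-url is not https")
            if url.hostname != expected_host:
                findings.append(f"{dep}: auth-server-url host {url.hostname} != {expected_host}")
            if vals.get("ssl-required", "").lower() == "none":
                findings.append(f"{dep}: ssl-required is NONE")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, "nginx.example.test"):
        print(finding)
```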

