[keycloak-user] Admin console and reverse proxy
Benoit HERARD
benoit.herard at orange.com
Mon Jun 4 04:40:21 EDT 2018
Hi All
I've installed the latest version (4.0.0.Beta3) on a test box and
followed this guide
(https://www.keycloak.org/docs/latest/server_installation/index.html#_setting-up-a-load-balancer-or-proxy)
to access keycloak through an apache reverse proxy.
For the moment, in order to facilitate troubleshooting, my configuration
is using http only (for keycloak and apache).
Apache is listening on port 80 and keycloak on 8080
For now, I can perfectly connect and use the user account management via
the proxy (http://localhost/auth/realms/master/account)
As well, I can configure and use mod_auth_openid to protect backends on
apache.
My probelm is when I want to connect the keycloak admin console.
If I go directly on WildFly (http://localhost:8080/auth/admin) it works.
I can login and use the admin console.
But if a go there via the proxy (http://localhost/auth/admin) it fails.
The login form open, I can entrer and submit my creds but then a blank
page opens when admin console GUI should be available.
With developers tools of by browser I can see that cookies seems to be
set correctly by authent. server (f.e. from this blank page I type the
url of account management and it's displayed without re-entering creds,
so I conclude that I am logged in).
Developer tools call stack shows that it fails in calling
https://localhost/auth/admin/master/console/whoami with HTTP 401
(unauthorized)
Any idea?
Thx
More information about the keycloak-user
mailing list