[keycloak-user] Mixed Content error because of Keyloack default login redirection
Murat Doner
muratfair at gmail.com
Thu Mar 7 08:14:52 EST 2019
Hello,
*INFORMATION NEEDED:*
I use Keycloak (Docker version) behind a Spring project.
(The client side of this project is React and communication between client
and backend is provided by REST services.)
The client side is secured and using "https" scheme.
It is my Spring configuration:
keycloak:
auth-server-url:
https://sso-ssoha.b9ad.pro-us-east-1.openshiftapps.com/auth
realm: master
resource: clientname
public-client: true
*THE ROOT OF THE PROBLEM:*
When I click a link from client, it calls a Spring service normally. But
before that, it redirects to default login page of Keycloak with adding
this path *sso/login* to the current "https" url but changing scheme to
"http".
*But, redirecting from https to http create a problem like this:*
Mixed Content: The page at 'https://www.helpful.army/contents/Problem'
was loaded over HTTPS, but requested an insecure resource
'http://serviceha-helpfularmy.b9ad.pro-us-east-1.openshiftapps.com/sso/login'.
This request has been blocked; the content must be served over HTTPS.
Problem on StackOverFlow:
https://stackoverflow.com/questions/55044623/mixed-content-error-because-of-keyloack-default-login-redirection
More information about the keycloak-user
mailing list