[keycloak-user] Keycloak behind two different proxies
Yang Yang
yy8402 at icloud.com
Thu Sep 5 09:47:15 EDT 2019
Thank you very much for the information, Stian! In that case I would be trying with the request provider.
Thanks,
Yang
> On Sep 5, 2019, at 20:02, Stian Thorgersen <sthorger at redhat.com> wrote:
>
> I assume you have different URLs exposed on the different proxies? If so the built-in fixed provider doesn't enable this use-case. You have two options here. Use the request provider and make the proxy refuse requests with invalid host headers, or write your own custom provider. For the latter it will only work as long as all clients use the public URL to access Keycloak as well, as otherwise Keycloak won't be able to know which is the correct public URL when it's accessed by an internal IP/address.
>
> On Thu, 5 Sep 2019 at 13:58, Yang Yang <yy8402 at icloud.com <mailto:yy8402 at icloud.com>> wrote:
> Hello,
>
> I have a use case where Keycloak needs to be deployed behind two different proxies: UserA —> ProxyA —> Keycloak <— ProxyB <— UserB, could you help to tell how to make it work?
>
> I followed the installation guide and got it work for UserA/ProxyA or UserB/ProxyB, but cannot make it work for both. This major problem is, rather than two different providers for UserA/ProxyA and UserB/ProxyB respectively, I can only set one fixed provider.
>
> Can anyone shed some light?
>
> Thanks,
> Yang
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
More information about the keycloak-user
mailing list