<div dir="ltr">I&#39;m talking more about the login, registration, administration on the key cloak server, all the links revert https back to http.  I haven&#39;t got around to testing the adapters yet.</div><div class="gmail_extra">
<br><br><div class="gmail_quote">On Fri, Jun 13, 2014 at 6:42 AM, Bill Burke <span dir="ltr">&lt;<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Was the adapter not configured right?  It should be pointed to the auth<br>
server&#39;s reverse-proxy URL.<br>
<div class="HOEnZb"><div class="h5"><br>
On 6/13/2014 3:50 AM, Juraci Paixão Kröhling wrote:<br>
&gt; -----BEGIN PGP SIGNED MESSAGE-----<br>
&gt; Hash: SHA512<br>
&gt;<br>
&gt; I faced the exact same issue earlier this week, but with nginx. On a<br>
&gt; quick look, the problem seems to be on the JavaScript adapter, which<br>
&gt; seems to think that it&#39;s being served via non-SSL.<br>
&gt;<br>
&gt; As I haven&#39;t had enough time to debug and do a proper fix, the quick<br>
&gt; solution was to configure Wildfly to serve Keycloak via SSL and proxy<br>
&gt; the request to 8443 instead of 8080. It works, but it&#39;s suboptimal.<br>
&gt; There are instructions on the documentation on how to setup Wildfly to<br>
&gt; serve requests via SSL.<br>
&gt;<br>
&gt; - - Juca.<br>
&gt;<br>
&gt; On 06/13/2014 09:41 AM, Josh wrote:<br>
&gt;&gt; Hi guys,<br>
&gt;&gt;<br>
&gt;&gt; So looking to help solve this issue possibly or at least get it on<br>
&gt;&gt; the radar, I&#39;ve reported it here:<br>
&gt;&gt; <a href="https://issues.jboss.org/browse/KEYCLOAK-497" target="_blank">https://issues.jboss.org/browse/KEYCLOAK-497</a><br>
&gt;&gt;<br>
&gt;&gt; To breifly recap the issue, when logging in via reverse proxy it<br>
&gt;&gt; keeps forwarding the browser from https back to regular http.<br>
&gt;&gt;<br>
&gt;&gt; Eg. Apache virtualhost configured as:<br>
&gt;&gt;<br>
&gt;&gt; &lt;VirtualHost *:443&gt; ServerName <a href="http://auth.domain.com" target="_blank">auth.domain.com</a><br>
&gt;&gt; &lt;<a href="http://auth.domain.com" target="_blank">http://auth.domain.com</a>&gt; SSLEngine On<br>
&gt;&gt;<br>
&gt;&gt; &lt;Proxy *&gt; Order deny,allow Allow from all &lt;/Proxy&gt;<br>
&gt;&gt;<br>
&gt;&gt; ProxyVia                Off ProxyPreserveHost       On<br>
&gt;&gt; ProxyRequests           Off<br>
&gt;&gt;<br>
&gt;&gt; ProxyPass               /       <a href="http://keycloak.core.docker:8080/" target="_blank">http://keycloak.core.docker:8080/</a><br>
&gt;&gt; ProxyPassReverse        /       <a href="http://keycloak.core.docker:8080/" target="_blank">http://keycloak.core.docker:8080/</a><br>
&gt;&gt;<br>
&gt;&gt;<br>
&gt;&gt; &lt;/VirtualHost&gt;<br>
&gt;&gt;<br>
&gt;&gt; If I were to start looking into the code base, where would I<br>
&gt;&gt; start? Trying to find for example during the login process how the<br>
&gt;&gt; forward url is formed?<br>
&gt;&gt;<br>
&gt;&gt; Thanks,<br>
&gt;&gt;<br>
&gt;&gt; Josh<br>
&gt;&gt;<br>
&gt;&gt;<br>
&gt;&gt; _______________________________________________ keycloak-user<br>
&gt;&gt; mailing list <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
&gt;&gt; <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
&gt;&gt;<br>
&gt;<br>
&gt; -----BEGIN PGP SIGNATURE-----<br>
&gt; Version: GnuPG v2.0.22 (GNU/Linux)<br>
&gt; Comment: Using GnuPG with Thunderbird - <a href="http://www.enigmail.net/" target="_blank">http://www.enigmail.net/</a><br>
&gt;<br>
&gt; iQEcBAEBCgAGBQJTmq1jAAoJEDnJtskdmzLM+iIIAI/TPlujrVqrFM6u7XqarUB/<br>
&gt; RVtgPzsF3cjeKJZQYAxJhBO7eMHYlGsfFwROylV1F397PNvQdOE5E+TBXI/pDwXr<br>
&gt; t5PVVVw9ehUVkf2gGLLXWkrniUCxbetKvColKIbRMGSpJuIOnUkLkP6J1J2wHGhl<br>
&gt; u5oLYNxLZfhP0Ag5/U9+3Mnezti0yKD7Z1818BtV45+9cCqwV45XqbcwNyoeBCPC<br>
&gt; +8iOmg5aFlNki1D/zGZNOkgziLzq8+lmK2yrpZGvSRZ10ShbCj80v72nkBB101Ac<br>
&gt; 6SYofgywL2CcDCOK1/MEo71pUzaUrXLoNbTT/4v18TSXvCF9M0RUSJSEr8MRvYk=<br>
&gt; =jExe<br>
&gt; -----END PGP SIGNATURE-----<br>
&gt; _______________________________________________<br>
&gt; keycloak-user mailing list<br>
&gt; <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
&gt; <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
&gt;<br>
<br>
</div></div><span class="HOEnZb"><font color="#888888">--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
</font></span><div class="HOEnZb"><div class="h5">_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</div></div></blockquote></div><br></div>