<div dir="ltr">Hi Bill,<div><br></div><div>Thank your for your answer, but I still don't seem to get Keycloak to "catch" my requests against the protected application.</div><div>Let me make the scenario clear:</div><div><br></div><div>1. Application to be protected runs on <a href="http://localhost">http://localhost</a>:<b>8280</b>/backend</div><div><br></div><div>2. Server proxy started and runs on <a href="http://localhost">http://localhost</a>:<b>8080</b>, when I type <a href="http://localhost:8080/backend">http://localhost:8080/backend</a> in the browser I see the protected application</div><div><br></div><div>3. Keycloak server runs on <a href="http://localhost">http://localhost</a>:<b>8180</b>/auth </div><div><br></div><div><div>4. The adapter config in the "applications" section corresponds now the proxy client I have configured in the Keycloak realm:</div><div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">Client ID: proxy</blockquote><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">Client Protocol: openid-connect<br>Access Type: confidential<br>Valid Redirect URIs: <a href="http://localhost:8080/backend/*">http://localhost:8080/backend/*</a></blockquote></div></div><div><br></div><div>I am not sure how to configure the proxy Server - now I have the following:</div><div><div>{</div><div> "target-url": "<b><a href="http://localhost:8280/">http://localhost:8280/</a></b>", ???</div><div> "send-access-token": false,</div><div> "bind-address": "localhost",</div><div> "http-port": "8080", ???</div><div> "applications": [</div><div> {</div><div> "base-path": "<b>/backend</b>",</div><div> "error-page": "/error.html",</div><div> "adapter-config": {</div><div> "realm": "demo",</div><div> "resource": "<b>proxy</b>",</div><div> "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",</div><div> "auth-server-url": "<a href="http://localhost:8180/auth">http://localhost:8180/auth</a>",</div><div> "ssl-required" : "external",</div><div> "principal-attribute": "name",</div><div> "credentials": {</div><div> "secret": "4ef4196d-9e86-4795-9219-dc1288b87c2b"</div><div> }</div><div> }</div><div> </div><div> }</div><div> ]</div><div>}</div></div><div>Questions:</div><div>1. The target-url I set it to the URL of the application the proxy server is proxying - this means the server can only proxy applications on the same URL?</div><div>2. What am I doing wrong :((((?</div><div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"></blockquote></div><div><br></div><div>Thanks a bunch,</div><div>Adrian</div><div><br></div><div>"Can't really see the screenshot, but you have to point keycloak to the<br>host/port of the proxy.<br><br>On 11/19/2015 9:13 AM, Adrian Matei wrote:<br>> Hi everyone,<br>><br>> I am trying to make a simple test and configure a keycloak proxy to<br>> protect an application running on <a href="http://localhost:8280/backend/" rel="noreferrer" target="_blank">http://localhost:8280/backend/</a><br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">>on looks like the following:<br>><br>> {<br>> "target-url": "<a href="http://localhost:8280/" rel="noreferrer" target="_blank">http://localhost:8280/</a>",<br>> "send-access-token": false,<br>> "bind-address": "localhost",<br>> "http-port": "8080",<br>> "applications": [<br>> {<br>> "base-path": "/backend",<br>> "error-page": "/error.html",<br>> "adapter-config": {<br>> "realm": "demo",<br>> "resource": "sandbox-backend",<br>> "realm-public-key":<br>> "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",<br>> "auth-server-url": "<a href="http://localhost:8180/auth" rel="noreferrer" target="_blank">http://localhost:8180/auth</a>",<br>> "ssl-required" : "external",<br>> "credentials": {<br>> "secret": "9323cdd6-7e0e-46ce-814f-b5ac79581395"<br>> }<br>> }<br>> }<br>> ]<br>> }<br>><br>> 2.<br>> I've started the proxy server as specified in the documentation "java<br>> -jar bin/launcher.jar proxy.json"<br>> I am getting an error "ERROR: UT005026: Jetty ALPN support not found on<br>> boot class path, SPDY client will not be available.", but the server<br>> still starts, I don't think there should be a problem with that...<br>><br>> 3. In the admin console (keycloak running on port 8180) I've configured<br>> the backend application like the following:<br>><br>> Could you tell me what I am doing wrong? When I put in the app's url in<br>> the browser it goes directly to the application...<br>><br>> Thanks,<br>> Adrian"</blockquote><div> </div></div></div>