<div dir="ltr">Thank you very much Scott, you've saved me - that was the solution. <div><br></div><div>Cheers,</div><div>Adrian</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jan 13, 2016 at 4:41 PM, Scott Rossillo <span dir="ltr"><<a href="mailto:srossillo@smartling.com" target="_blank">srossillo@smartling.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">I believe you have to tell Wildfly to listen for proxied connections. In standalone/configuration/standalone.xml change:<div><br></div><div><http-listener name="default" socket-binding="http" redirect-socket="https”/></div><div><br></div><div>to</div><div><br></div><div><http-listener name="default" socket-binding="http" redirect-socket=“https” proxy-address-forwarding="true"/></div><div><br></div><div>Hope that helps. If not, check your nginx error log.</div><div><br><div>
<div>Scott Rossillo</div><div>Smartling | Senior Software Engineer</div><div><a href="mailto:srossillo@smartling.com" target="_blank">srossillo@smartling.com</a></div><div><br></div><div><a href="https://app.sigstr.com/uc/55e5d41c6533390d03580000" style="color:rgb(0,75,118);font-family:gesta,Arial,Helvetica,sans-serif;font-size:14px;line-height:20px;background-color:rgb(255,255,255);outline:0px!important" target="_blank"><img alt="Latest News + Events" border="0" src="https://app.sigstr.com/uc/55e5d41c6533390d03580000/img" style="border:0px;vertical-align:top;max-width:100%;min-height:auto;width:inherit;color:blue;font-family:Helvetica;font-size:12px"></a><span style="color:rgb(169,169,169);font-family:gesta,Arial,Helvetica,sans-serif;font-size:14px;line-height:20px;background-color:rgb(255,255,255)"></span><div style="color:rgb(169,169,169);font-family:gesta,Arial,Helvetica,sans-serif;font-size:14px;line-height:20px;background-color:rgb(255,255,255)"><a href="http://www.sigstr.com/" style="color:rgb(0,124,194);text-decoration:none;background-color:transparent;outline:0px!important" target="_blank"><img alt="Powered by Sigstr" border="0" src="https://app.sigstr.com/uc/55e5d41c6533390d03580000/watermark" style="border:0px;vertical-align:top;max-width:100%;min-height:auto;width:inherit;color:rgb(99,99,99);font-family:Helvetica;font-size:11px"></a></div></div>
</div>
<br><div><blockquote type="cite"><div><div class="h5"><div>On Jan 13, 2016, at 12:28 AM, Adrian Matei <<a href="mailto:adrianmatei@gmail.com" target="_blank">adrianmatei@gmail.com</a>> wrote:</div><br></div></div><div><div><div class="h5"><div dir="ltr">Can anyone help me with a configuration of keycloak (port 8180) and tomcat (port 8080) running on the same host/domain having nginx as reverse proxy server in front of it (new to nginx). <div><br></div><div>Accessed on individual ports they run perfectly but when going over nginx, tomcat address (localhost) works but keycloak (localhost/auth) won't.</div><div><br></div><div>Here's my nginx configuration:</div><div><br></div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><div>user www-data;</div></div><div><div>worker_processes 4;</div></div><div><div>pid /run/nginx.pid;</div></div><div><div><br></div></div><div><div>events {</div></div><div><div><span style="white-space:pre-wrap"> </span>worker_connections 1024;</div></div><div><div><span style="white-space:pre-wrap"> </span># multi_accept on;</div></div><div><div>}</div></div><div><div><br></div></div><div><div>http {</div></div><div><div><span style="white-space:pre-wrap"> </span>server_tokens off; #hides nginx version and OS running on</div></div><div><div><span style="white-space:pre-wrap"> </span>include /etc/nginx/mime.types;</div></div><div><div><br></div></div><div><div><span style="white-space:pre-wrap"> </span>upstream tomcat_server {</div></div><div><div><span style="white-space:pre-wrap"> </span>server localhost:8080;</div></div><div><div><span style="white-space:pre-wrap"> </span>}</div></div><div><div><span style="white-space:pre-wrap"> </span>upstream keycloak_server {</div></div><div><div><span style="white-space:pre-wrap"> </span>server localhost:8180;</div></div><div><div><span style="white-space:pre-wrap"> </span>}</div></div><div><div><br></div></div><div><div><span style="white-space:pre-wrap"> </span>server {</div></div><div><div><span style="white-space:pre-wrap"> </span>listen 80;</div></div><div><div><span style="white-space:pre-wrap"> </span>server_name localhost;</div></div><div><div><br></div></div><div><div><span style="white-space:pre-wrap"> </span>location / {</div></div><div><div><span style="white-space:pre-wrap"> </span>try_files $uri $uri/index.hml /maintenance.html @tomcat;</div></div><div><div><span style="white-space:pre-wrap"> </span>}</div></div><div><div><br></div></div><div><div><span style="white-space:pre-wrap"> </span>location @tomcat {</div></div><div><div><span style="white-space:pre-wrap"> </span>proxy_pass <a href="http://tomcat_server/" target="_blank">http://tomcat_server</a>;</div></div><div><div><span style="white-space:pre-wrap"> </span>proxy_set_header Host $host; </div></div><div><div><span style="white-space:pre-wrap"> </span>}</div></div><div><div><br></div></div><div><div><span style="white-space:pre-wrap"> </span> location /auth/ {</div></div><div><div><span style="white-space:pre-wrap"> </span>proxy_pass <a href="http://keycloak_server/" target="_blank">http://keycloak_server</a>;</div></div><div><div><br></div></div><div><div><span style="white-space:pre-wrap"> </span>proxy_set_header Host $host;</div></div><div><div><span style="white-space:pre-wrap"> </span>proxy_set_header X-Real-IP $remote_addr;</div></div><div><div><span style="white-space:pre-wrap"> </span>proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</div></div><div><div><span style="white-space:pre-wrap"> </span>proxy_set_header X-Forwarded-Proto $scheme;</div></div><div><div> }</div></div><div><div><br></div></div><div><div><span style="white-space:pre-wrap"> </span>}</div></div><div><div>}</div></div></blockquote><div><div><span style="white-space:pre-wrap"> </span></div></div><div><br></div><div>Thanks,</div><div>Adrian</div></div></div></div>
_______________________________________________<br>keycloak-user mailing list<br><a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br><a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></div></blockquote></div><br></div></div></blockquote></div><br></div>