<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 13/07/16 13:50, Bruce Shaw wrote:<br>
</div>
<blockquote
cite="mid:CAFYKa1mHK1-sAd+KRBZaqf6NhR-CX8xGTeeanSvL5iDuFL=M+g@mail.gmail.com"
type="cite">
<div dir="ltr"><span style="font-size:12.8px">Hello,</span>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">I have a standalone Keycloak
docker deployed behind a loadbalancer like so:</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">https ->
(443) loadbalancer -> (80) Server -> (8080)
DockerContainer</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">I'm terminating SSL at the
loadbalancer, so hitting <a moz-do-not-send="true"
href="https://accounts.mysite.com/auth/admin."
target="_blank">https://accounts.mysite.com/auth/admin.</a>..
fails because all assets return as http. I expected Keycloak
to match the protocol of https.</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">If I hit my loadbalancer directly
with http, I can flip the switch inside the realm to force all
requests to require ssl. Then back over to <a
moz-do-not-send="true"
href="https://accounts.mysite.com/auth/admin."
target="_blank"><a class="moz-txt-link-freetext" href="https://accounts.mysite.com/auth/admin">https://accounts.mysite.com/auth/admin</a>.</a>..
says "HTTPS Required"?? </div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">My network administration
knowledge is limited, so at this point I'm stuck. Is there an
issue with my standalone.xml configuration?</div>
</div>
</blockquote>
Yes, looks like that. Your loadbalancer must forward the headers
like "X-Forwarded-Proto" . You can also set it in standalone.xml on
Keycloak side, so Keycloak see the correct protocol. For some
details, see our docs:<br>
<a class="moz-txt-link-freetext" href="https://keycloak.gitbooks.io/server-installation-and-configuration/content/v/2.0/topics/clustering/load-balancer.html">https://keycloak.gitbooks.io/server-installation-and-configuration/content/v/2.0/topics/clustering/load-balancer.html</a><br>
<a class="moz-txt-link-freetext" href="https://keycloak.gitbooks.io/server-installation-and-configuration/content/v/2.0/topics/network/https.html">https://keycloak.gitbooks.io/server-installation-and-configuration/content/v/2.0/topics/network/https.html</a><br>
<br>
Marek<br>
<blockquote
cite="mid:CAFYKa1mHK1-sAd+KRBZaqf6NhR-CX8xGTeeanSvL5iDuFL=M+g@mail.gmail.com"
type="cite">
<div dir="ltr">
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">jboss.bind.address is "0.0.0.0"</div>
<div style="font-size:12.8px">
<p><http-listener name="default" socket-binding="http" redirect-socket="https" /></p>
</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">thanks</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>