7:38 a.m.
I am having a little more positive progress and a few more useful things to report from me
trying to get this working.
The logs below aren’t an issue anymore. Here is how i now have things setup.
I have nginx setup and running on port 443 and my nginx config looks like this
location / {
if ($http_user_agent ~ ^$) {
# return 403;
}
proxy_pass http://10.128.93.235:8080/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto "https";
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
I seem to be able to login if i choose http://myserver.com but if i try and do
https://myserver.com/ag-push
I get a message that is saying we are sorry Invalid redirect_uri. .
In looking at the http requests I am seeing
/auth/realms/aerogear/tokens/login url cause a 500
Any way to troubleshoot why its giving a 500?
Thanks in advance,
--
Chris Hale
Sent with Sparrow (http://www.sparrowmailapp.com/?sig)
On Friday, October 17, 2014 at 12:31 AM, Matthias Wessendorf [via aerogear-dev] wrote:
Hi Chris!
thanks for trying the UnifiedPush Server. I have never tried to run the UPS behind a
(ngnix) proxy. Does the same config work w/o the proxy? The stack above says "Unable
to resolve realm public key remotely", so I am wondering if the Keycoak Auth-Server
is deployed as well.
In the meantime I'll ask our Keycloak friends if they have any experience on this.
Thanks,
Matthias
On Fri, Oct 17, 2014 at 6:59 AM, chale <[hidden email]
(/user/SendEmail.jtp?type=node&node=9490&i=0)> wrote:
> Hi,
> I need some help. I am trying to setup aerogear behind a nginx proxy
> server that has ssl enabled and I am running into issues. Anytime i try to
> go to /ag-push I see this in the logs
>
> RROR [org.apache.catalina.connector.CoyoteAdapter]
> (http--10.128.93.235-8080-5) An exception or error occurred in the container
> during the request processing: java.lang.RuntimeException: Unable to resolve
> realm public key remotely, status = 403
> at
>
org.keycloak.adapters.AdapterDeploymentContext.resolveRealmKey(AdapterDeploymentContext.java:69)
> [keycloak-adapter-core-1.0-final.jar:]
> at
>
org.keycloak.adapters.AdapterDeploymentContext.resolveDeployment(AdapterDeploymentContext.java:55)
> [keycloak-adapter-core-1.0-final.jar:]
> at
>
org.keycloak.adapters.as7.AuthenticatedActionsValve.invoke(AuthenticatedActionsValve.java:45)
> [keycloak-as7-adapter-1.0-final.jar:]
> at
>
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397)
> [jbossweb-7.0.13.Final.jar:]
> at
>
org.keycloak.adapters.as7.KeycloakAuthenticatorValve.invoke(KeycloakAuthenticatorValve.java:135)
> [keycloak-as7-adapter-1.0-final.jar:]
> at
> org.jboss.as.web.security.SecurityContextAssociationValve.invoke
(http://web.security.SecurityContextAssociationValve.invoke)(SecurityConte...)
> [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
> [jbossweb-7.0.13.Final.jar:]
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> [jbossweb-7.0.13.Final.jar:]
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> [jbossweb-7.0.13.Final.jar:]
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
> [jbossweb-7.0.13.Final.jar:]
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
> [jbossweb-7.0.13.Final.jar:]
> at
>
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)
> [jbossweb-7.0.13.Final.jar:]
> at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
> [jbossweb-7.0.13.Final.jar:]
> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]
>
> Does anyone have any advice or experience on how to go about setting up
> aerogear behind an nginx proxy?
>
>
>
> --
> View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-ngin...
> Sent from the aerogear-dev mailing list archive at Nabble.com (http://Nabble.com).
> _______________________________________________
> aerogear-dev mailing list
> [hidden email] (/user/SendEmail.jtp?type=node&node=9490&i=1)
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
[hidden email] (/user/SendEmail.jtp?type=node&node=9490&i=2)
https://lists.jboss.org/mailman/listinfo/aerogear-dev
If you reply to this email, your message will be added to the discussion below:
http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-ngin...
To unsubscribe from setting up aerogear behind nginx proxy, click here
(http://aerogear-dev.1069024.n5.nabble.com/template/NamlServlet.jtp?macro=...).
NAML
(http://aerogear-dev.1069024.n5.nabble.com/template/NamlServlet.jtp?macro=...)
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-ngin...
Sent from the aerogear-dev mailing list archive at Nabble.com.