I've run into an issue where the Keycloak Proxy is building an incorrect redirect_url
when it is behind an SSL terminating reverse-proxy/load balancer. The redirect_url ends up
with an "http" scheme, even with a x-forwarded-proto of "https".
I'm new to undertow, but it looks like what needs to change is adding a configuration
like "behind-reverse-proxy" that when true adds the ProxyPeerAddressHandler.
First, does that sound correct? And any objection to me adding this capability?
Architect, Red Hat Consulting
Show replies by date