8 a.m.
Answer depends on what application server you are using, but in summary you
need to make sure the reverse proxy is configured to include correct
headers and application server is configured to use the headers. This is
required so HttpServletRequest.getRequestURL returns the URL used by the
user and not the internal URL used by the proxy.
On 16 June 2016 at 08:19, ROMELOT Didier <didier.romelot(a)renault.com> wrote:
Hi, we deploy applications that use keycloak SAML filter to handle
SAML
authentication.
We face some trouble when configuring the app acting behind a reverse
proxy. In that situation keycloak library raises an exception :
WebBrowserSsoAuthenticationHandler ERROR Request URI does not match SAML
request destination
We try to fix it with configuration on reverse proxy but whithout success.
Does anyone faced with such problem ?
regards
[image:
http://collaboration2010.sharepoint.renault.fr/is/fsc/places/blog/Lists/P...]
*Didier ROMELOT*
DIA-AT - Technical Architecture
API : FR EQV NOV 3 39
13, avenue Paul Langevin
92359 Le Plessis Robinson Cedex - FRANCE
Tél. : +33 1 76 84 95 28
-- Disclaimer ------------------------------------
Ce message ainsi que les eventuelles pieces jointes constituent une
correspondance privee et confidentielle a l'attention exclusive du
destinataire designe ci-dessus. Si vous n'etes pas le destinataire du
present message ou une personne susceptible de pouvoir le lui delivrer, il
vous est signifie que toute divulgation, distribution ou copie de cette
transmission est strictement interdite. Si vous avez recu ce message par
erreur, nous vous remercions d'en informer l'expediteur par telephone ou de
lui retourner le present message, puis d'effacer immediatement ce message
de votre systeme.
*** This e-mail and any attachments is a confidential correspondence
intended only for use of the individual or entity named above. If you are
not the intended recipient or the agent responsible for delivering the
message to the intended recipient, you are hereby notified that any
disclosure, distribution or copying of this communication is strictly
prohibited. If you have received this communication in error, please notify
the sender by phone or by replying this message, and then delete this
message from your system.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
