[keycloak-user] Tomcat 8 mod_proxy authentication error

Team, Javascript via a bearer token in a react app works fine to hit a URL that is configured in Tomcat to be protected.  tomcat.server/somepath/somepath/test.jsp The issue comes in when I try to login to the same URL that a bearer token works for, and I get in the tomcat log an error message of:25-Aug-2017 13:12:03.253 ERROR [ajp-nio-8009-exec-10] org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode status from server: 404 If I am logged into the react app and try to hit the protected URL, I get a browser error of too many redirects when hitting the protected Tomcat URL. Googling around seems like I am practically the first one to see this issue. Nothing in the server server.log of the keycloak server. Configs are in tomcat:keycloak.json{   "realm": "myapp",  "realm-public-key":"${truncated}"  "auth-server-url": "https://someurl/auth",   "ssl-required": "external",   "resource": "customer-portal","enable-basic-auth": "true",  "credentials": {     "secret": "some secret"   },   "use-resource-role-mappings": "false" } In the server.xml of key cloak I have from the docs made the following changes.. <http-listener name="default" socket-binding="http" proxy-address-forwarding="true" redirect-socket="proxy-https"/><https-listener name="default-ssl" socket-binding="https" security-realm="UndertowRealm"/> <ajp-listener name="ajpListener" socket-binding="ajp"/> <socket-binding name="proxy-https" port="443"/> In my ajp.conf for mod_proxy I have this setup:RequestHeader set X-Forwarded-Proto "https" env=HTTPSProxyPass       /auth ajp://auth.someurl.com:8009/authProxyPassReverse    /auth ajp://auth.someurl.com:8009/auth I assume something isn't right in this setup, but who knows. Thank YouJim