I have a requirement to use Keycloak behind IIS where some sort of SSO
product is already integrated with IIS. Whatever this product is sets the
REMOTE_USER header. It is easy enough to write a custom authenticator for
Keycloak to use the REMOTE_USER header. However, Keycloak's Wildfly server
(or its embedded Undertow) appears to be stripping out the header.
Is there any way to configure Keycloak or its Wildfly to let the
REMOTE_USER header pass through? Or are there any clever workarounds?
Thanks in advance.
Glenn