Hi Bill,

Thank your for your answer, but I still don't seem to get Keycloak to "catch" my requests against the protected application.
Let me make the scenario clear:

1. Application to be protected runs on http://localhost:8280/backend

2. Server proxy started and runs on http://localhost:8080, when I type http://localhost:8080/backend in the browser I see the protected application

3. Keycloak server runs on http://localhost:8180/auth 

4. The adapter config in the "applications" section corresponds now the proxy client I have  configured in the Keycloak realm:
Client ID: proxy
Client Protocol: openid-connect
Access Type: confidential
Valid Redirect URIs: http://localhost:8080/backend/*

I am not sure how to configure the proxy Server - now I have the following:
{
    "target-url": "http://localhost:8280/", ???
    "send-access-token": false,
    "bind-address": "localhost",
    "http-port": "8080", ???
    "applications": [
        {
            "base-path": "/backend",
            "error-page": "/error.html",
            "adapter-config": {
                "realm": "demo",
                "resource": "proxy",
                "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
                "auth-server-url": "http://localhost:8180/auth",
                "ssl-required" : "external",
                "principal-attribute": "name",
                "credentials": {
                    "secret": "4ef4196d-9e86-4795-9219-dc1288b87c2b"
                }
            }
            
        }
    ]
}
Questions:
1. The target-url I set it to the URL of the application the proxy server is proxying - this means the server can only proxy applications on the same URL?
2. What am I doing wrong :((((?

Thanks a bunch,
Adrian

"Can't really see the screenshot, but you have to point keycloak to the
host/port of the proxy.

On 11/19/2015 9:13 AM, Adrian Matei wrote:
> Hi everyone,
>
> I am trying to make a simple test and configure a keycloak proxy to
> protect an application running on http://localhost:8280/backend/
>on looks like the following:
>
> {
>      "target-url": "http://localhost:8280/",
>      "send-access-token": false,
>      "bind-address": "localhost",
>      "http-port": "8080",
>      "applications": [
>          {
>              "base-path": "/backend",
>              "error-page": "/error.html",
>              "adapter-config": {
>                  "realm": "demo",
>                  "resource": "sandbox-backend",
>                  "realm-public-key":
> "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
>                  "auth-server-url": "http://localhost:8180/auth",
>                  "ssl-required" : "external",
>                  "credentials": {
>                      "secret": "9323cdd6-7e0e-46ce-814f-b5ac79581395"
>                  }
>              }
>          }
>      ]
> }
>
> 2.
> I've started the proxy server as specified in the documentation "java
> -jar bin/launcher.jar proxy.json"
> I am getting an error "ERROR: UT005026: Jetty ALPN support not found on
> boot class path, SPDY client will not be available.", but the server
> still starts, I don't think there should be a problem with that...
>
> 3. In the admin console (keycloak running on port 8180) I've configured
> the backend application like the following:
>
> Could you tell me what I am doing wrong? When I put in the app's url in
> the browser it goes directly to the application...
>
> Thanks,
> Adrian"