Re: [keycloak-user] clients behind load balancer issues
Yes, it’s been on the mailing list before.
For Keycloak:
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
For Nginx:
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
location / {
proxy_pass http://your-keycloak-host-here:-your-wildfly-proxy-https-port;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
Scott Rossillo
Smartling | Senior Software Engineer
srossillo(a)smartling.com
On Apr 29, 2016, at 1:59 PM, Rodrigo Gonzalez Asensio
<rasensio(a)gmail.com> wrote:
All local environment
1 keycloak 1.7 & 1.9 listening on port 8080
2 tomcat 7 with java webapp using Keycloak filter (not the adapter)
1 nginx load balancing the 2 tomcats. Nginx config below
upstream jeremy {
server localhost:8082;
server localhost:8999;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://jeremy/ <http://jeremy/>;
proxy_redirect off;
proxy_set_header Host $host;
}
}
My Keycloak client all defaults, 1 only valid redirect_uri.
As soon as I validate the login in keycloak it gets crazy with ERR_TOO_MANY_REDIRECTS
The same thing happen in AWS having a ELB > tomcats or ELB > NGINX > tomcats.
Anyone had a similar issue ?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 6.8 KB)