Yes, it’s been on the mailing list before.

For Keycloak:

http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#proxy-address-forwarding


For Nginx:

server {
  listen 443;
  server_name localhost;

  ssl on;
  ssl_certificate /etc/pki/tls/certs/server.crt;
  ssl_certificate_key /etc/pki/tls/certs/server.key;

  location / {
    proxy_pass http://your-keycloak-host-here:-your-wildfly-proxy-https-port;
    proxy_http_version 1.1;

    proxy_set_header Connection "";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
  }
}


Scott Rossillo
Smartling | Senior Software Engineer
srossillo@smartling.com

On Apr 29, 2016, at 1:59 PM, Rodrigo Gonzalez Asensio <rasensio@gmail.com> wrote:

All local environment

1 keycloak 1.7 & 1.9 listening on port 8080
2 tomcat 7 with java webapp using Keycloak filter (not the adapter)
1 nginx load balancing the 2 tomcats. Nginx config below

upstream jeremy {
        server localhost:8082;
        server localhost:8999;
    }

    server {
        listen 80;
server_name localhost;

        location / {
            proxy_pass http://jeremy/;
            proxy_redirect off;
    proxy_set_header Host $host;
}
  }

My Keycloak client all defaults, 1 only valid redirect_uri. 
As soon as I validate the login in keycloak it gets crazy with ERR_TOO_MANY_REDIRECTS

The same thing happen in AWS having a ELB > tomcats or ELB > NGINX > tomcats.

Anyone had a similar issue ?

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user