Re: [keycloak-user] Behind a reverse proxy using context path

Hello, I'm stuck with Keycloak 1.7.0 Final on WildFly 9 behind a reverse proxy (nginx). The WildFly is configured for proxying according to the Keycloak guide and the proxy sends the needed custom HTTP headers. I have a public SSL secured domain and nginx proxying requests to internal WildFly server. I would like to use URL: https://domain.foo/sso/ to access the Keycloak (internal WildFly). I guess the context path (sso/) is important here. Accessing the address I can reach the Keycloak default welcome page. However, a GET https://domain.foo/sso/admin results in 302 to Location: https://domain.foo/admin/master/console/. Obviously this redirect fails because its Location misses the needed context path (sso/). Adding the context path to a request manually results in a 200 but following resources fail to download because of the missing context path part of URL. Is my configuration wrong? Is there a way how the original base URL can be set? Is it even possible to have it behind a reverse proxy not running at root context? Is the origin detection broken? Thanks in advance Andy _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user