9:26 p.m.
All browser HTTP requests go through the proxy. Your browser is never
redirected to the actual application. The actual application should be
behind a firewall or some other mechanism. Its the same concept as
using Apache HTTPD in front of an application.
On 2/17/2015 4:34 PM, Chen Keong Yap wrote:
Hi,
Is there any updates? The app is protected by proxy but after login is
successful and is not redirect back to app and stay at proxy url
On Feb 17, 2015 4:54 PM, "Chen Keong Yap" <chenkeong.yap(a)izeno.com
<mailto:chenkeong.yap@izeno.com>> wrote:
Hi,
When i access my app from http://localhost:8080/customer-portal and
it was redirected to keycloak login page
(https://192.168.1.10:8443/auth). After login is successful, the
request is redirected back to http://localhost:8080/customer-portal
instead of http://localhost:9080/customer-portal. Can someone advise
what's wrong with the settings?
keycloak proxy server hosted on localhost:8080
customer-portal application hosted on localhost:9080
proxy.json configuration shown below.
{
"target-url": "http://localhost:8082",
"bind-address": "localhost",
"http-port": "8080",
"https-port": "8443",
"keystore": "classpath:ssl.jks",
"keystore-password": "password",
"key-password": "password",
"send-access-token": true,
"applications": [
{
"base-path": "/customer-portal",
"error-page": "/error.html",
"adapter-config": {
"realm": "demo",
"resource": "customer-portal",
"realm-public-key":
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url":
"https://192.168.1.10:8443/auth",
"ssl-required" : "external",
"enable-cors" : true,
"principal-attribute": "KEYCLOAK_NAME",
"credentials": {
"secret": "password"
}
}
,
"constraints": [
{
"pattern": "/users/*",
"roles-allowed": [
"user"
]
},
{
"pattern": "/*",
"roles-allowed": [
"user"
]
},
{
"pattern": "/call-bearer/*",
"roles-allowed": [
"user"
]
},
{
"pattern": "/bearer/*",
"roles-allowed": [
"user"
]
},
{
"pattern": "/admins/*",
"roles-allowed": [
"admin"
]
},
{
"pattern": "/users/permit",
"permit": true
},
{
"pattern": "/users/deny",
"deny": true
}
]
}
]
}
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com