Re: [keycloak-user] Always redirected to login form

On Jan 21, 2015, at 7:17 AM, Stian Thorgersen <stian(a)redhat.com&gt; wrote: Does it work if you bypass the proxy? ----- Original Message ----- > From: "Marko Radinovic" <markoradinovic79(a)gmail.com&gt; > To: keycloak-user(a)lists.jboss.org > Sent: Tuesday, 20 January, 2015 8:17:41 PM > Subject: [keycloak-user] Always redirected to login form > > Hi, > When I try to login to master realm, I’am redirected back to login page. > > I’m using: > Wildfly 8.2.0.Final > Keycloak version 1.1.0-Beta2 > Apache2 as proxy server. > > Here is my apache configuration > > IfModule mod_ssl.c> > <VirtualHost _default_:443> > ServerName accounts.e-karton.net > > ErrorLog ${APACHE_LOG_DIR}/ accounts.e-karton.net -error.log > CustomLog ${APACHE_LOG_DIR}/ accounts.e-karton.net -access.log combined > > SSLEngine on > SSLProtocol all -SSLv2 > SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM > > …SSL stuff omitted > > > BrowserMatch "MSIE [2-6]" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 > # MSIE 7 and newer should be able to use keepalive > BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown > > > SetOutputFilter DEFLATE > SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|ico|png)$ \ no-gzip dont-vary > SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ \no-gzip dont-vary > SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|ico|png)$ \ no-gzip dont-vary > SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ \no-gzip dont-vary > SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary > > BrowserMatch ^Mozilla/4 gzip-only-text/html > BrowserMatch ^Mozilla/4\.0[678] no-gzip > BrowserMatch \bMSIE !no-gzip !gzip-only-text/htmles > > # Turn off support for true Proxy behaviour as we are acting as > # a transparent proxy > ProxyRequests Off > > # Turn off VIA header as we know where the requests are proxied > ProxyVia Off > ProxyPreserveHost On > RequestHeader set X-Forwarded-Proto "https" > SSLProxyEngine on > <Proxy *> > AddDefaultCharset Off > Order deny,allow > Allow from all > </Proxy> > > > ProxyPass / ajp://192.168.5.17:8009/ > ProxyPassReverse / ajp://192.168.5.17:8009/ > </VirtualHost> > </IfModule> > > > Wildfly configuration: > > <subsystem xmlns="urn:jboss:domain:undertow:1.2"> > <buffer-cache name="default"/> > <server name="default-server"> > <ajp-listener name="ajp" scheme="https" socket-binding="ajp"/> > <http-listener name="default" certificate-forwarding="true" > socket-binding="http" proxy-address-forwarding="true"/> > <host name="default-host" alias="localhost"> > <location name="/" handler="welcome-content"/> > <filter-ref name="server-header"/> > <filter-ref name="x-powered-by-header"/> > </host> > <host name="accounts" alias=" accounts.e-karton.net " > default-web-module="auth-server.war"/> > </server> > <servlet-container name="default"> > <jsp-config/> > <websockets/> > </servlet-container> > <handlers> > <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/> > </handlers> > <filters> > <response-header name="server-header" header-name="Server" > header-value="WildFly/8"/> > <response-header name="x-powered-by-header" header-name="X-Powered-By" > header-value="Undertow/1"/> > </filters> > </subsystem> > > Keycloak jboss-web.xml > > <?xml version="1.0"?> > <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 5.0//EN" " > http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd "> > <jboss-web> > <context-root>/</context-root> > <virtual-host>accounts</virtual-host> > </jboss-web> > > Can anyone help me with this? > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user