[keycloak-dev] Setting up AJP proxy from Apache?
Bill Burke
bburke at redhat.com
Sat Mar 5 07:27:37 EST 2016
The only thing I can think of is that the server is binding to localhost
and not a real IP address?
BTW, why would you want to put Apache in front of Keycloak? Or is this
just an application? Last time I looked at bench, undertow/wildfly
performs and scales better than Apache HTTPD even for static content.
https://www.techempower.com/benchmarks/
On 3/4/2016 9:49 PM, Adam Young wrote:
> keycloak-1.9.0.Final
>
> Having trouble finding the right notes for setting up AJP. This is to
> run alongside a FreeIPA server which is already set up with
> mod_proxy_ajp talking to Tomcat, so I want to keep using the same set of
> modules.
>
>
>
> I can see keycloak-1.9.0.Final/standalone/configuration/standalone.xml
>
>
> <subsystem xmlns="urn:jboss:domain:undertow:3.0">
> <buffer-cache name="default"/>
> <server name="default-server">
> <http-listener name="default" socket-binding="http"
> redirect-socket="https"/>
>
> <host name="default-host" alias="localhost">
> <location name="/" handler="welcome-content"/>
> <filter-ref name="server-header"/>
> <filter-ref name="x-powered-by-header"/>
> </host>
> </server>
>
>
> I'm assuming I need a line comparable to <http-listener name="default"
> socket-binding="http" redirect-socket="https"/> But for the AJP
> protocol. Perhaps ajp-listener?
>
> A line like this, perhaps?
>
> <http-listener name="default-ajp" socket-binding="ajp"
> scheme="http" />
>
>
>
>
>
>
> https://docs.jboss.org/author/display/WFLY8/AJP+listeners
>
> I see at the bottom of the file:
>
> <socket-binding-group name="standard-sockets"
> default-interface="public"
> port-offset="${jboss.socket.binding.port-offset:0}">
> <socket-binding name="management-http" interface="management"
> port="${jboss.management.http.port:9990}"/>
> <socket-binding name="management-https" interface="management"
> port="${jboss.management.https.port:9993}"/>
> <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list