[keycloak-dev] Keycloak Proxy & X-FORWARDED-PROTO
Rory Hart
hartror at gmail.com
Thu Jan 4 15:49:06 EST 2018
I may have found a bug (or lack of feature?) in the proxy. I'm running the
proxy behind a AWS load balancer which is handling HTTPS but the redirect
urls that the proxy is generating are HTTP.
While this isn't blocking usage as HTTP is redirected to HTTPS it is a
small security hole that I would like to close.
Is this something wrong with the proxy, a feature that needs to be worked
on or out of scope of the proxy all together and I should be asking another
team? (undertow?)
Thanks
Rory Hart
More information about the keycloak-dev
mailing list