[keycloak-user] Significant SSL issue: Support for reverse proxies
Stian Thorgersen
stian at redhat.com
Mon Jun 16 05:33:22 EDT 2014
When does it forward the browser from https to http?
As Bill pointed out, does auth-server-url in your keycloak.json point to your proxy with https?
What adapter are you using?
----- Original Message -----
> From: "Josh" <smysnk at gmail.com>
> To: keycloak-user at lists.jboss.org
> Sent: Friday, 13 June, 2014 8:41:32 AM
> Subject: [keycloak-user] Significant SSL issue: Support for reverse proxies
>
> Hi guys,
>
> So looking to help solve this issue possibly or at least get it on the radar,
> I've reported it here: https://issues.jboss.org/browse/KEYCLOAK-497
>
> To breifly recap the issue, when logging in via reverse proxy it keeps
> forwarding the browser from https back to regular http.
>
> Eg. Apache virtualhost configured as:
>
> <VirtualHost *:443>
> ServerName auth.domain.com
> SSLEngine On
>
> <Proxy *>
> Order deny,allow
> Allow from all
> </Proxy>
>
> ProxyVia Off
> ProxyPreserveHost On
> ProxyRequests Off
>
> ProxyPass / http://keycloak.core.docker:8080/
> ProxyPassReverse / http://keycloak.core.docker:8080/
>
>
> </VirtualHost>
>
> If I were to start looking into the code base, where would I start? Trying to
> find for example during the login process how the forward url is formed?
>
> Thanks,
>
> Josh
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list