[keycloak-user] Using Keycloak Proxy behind a TLS terminating reverse proxy
Juraci Paixão Kröhling
juraci at kroehling.de
Thu Apr 7 12:58:39 EDT 2016
On 07.04.2016 17:36, Chris Pitman wrote:
> Isn't that documentation for setting up keycloak behind a reverse proxy? I have the keycloak appliance setup already, and can execute an OAuth flow *as long as the redirect_uri passed by the application is correct*.
>
> The problem is that the Keycloak Proxy is passing the wring redirect_uri to keycloak. HTTPD is passing the x-forwarded-proto header to the proxy. And I don't believe the proxy has a configuration file where you can modify the undertow configuration. The only configuration I am aware of for the proxy is documented here: http://keycloak.github.io/docs/userguide/keycloak-server/html/proxy.html#d4e3464
>
> Am I missing something?
Actually, I've seen something similar in an application I'm working on.
I didn't have time to debug it yet, but it *seems* that the Wildfly
Adapter is not recognizing the proper protocol and is building the
redirect_uri with "http" all the time.
- Juca.
More information about the keycloak-user
mailing list