[keycloak-user] Behind a reverse proxy using context path
Andy Yar
andyyar66 at gmail.com
Wed Jan 13 08:27:21 EST 2016
Hello,
I'm stuck with Keycloak 1.7.0 Final on WildFly 9 behind a reverse proxy
(nginx). The WildFly is configured for proxying according to the Keycloak
guide and the proxy sends the needed custom HTTP headers.
I have a public SSL secured domain and nginx proxying requests to internal
WildFly server. I would like to use URL: https://domain.foo/sso/ to access
the Keycloak (internal WildFly). I guess the context path (sso/) is
important here.
Accessing the address I can reach the Keycloak default welcome page.
However, a GET https://domain.foo/sso/admin results in 302 to Location:
https://domain.foo/admin/master/console/. Obviously this redirect fails
because its Location misses the needed context path (sso/). Adding the
context path to a request manually results in a 200 but following resources
fail to download because of the missing context path part of URL.
Is my configuration wrong? Is there a way how the original base URL can be
set? Is it even possible to have it behind a reverse proxy not running at
root context? Is the origin detection broken?
Thanks in advance
Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160113/bc416e31/attachment-0001.html
More information about the keycloak-user
mailing list