[keycloak-user] Keycloak Gatekeeper (forwarding proxy) does nothing
bob sheknowdas
bob.skd at googlemail.com
Tue Jul 16 08:39:06 EDT 2019
Hi,
I have a docker-compose setup with service 1 (grafana) sending requests to
service 2 (prometheus). I've put a Keycloak Gatekeeper in front of service
2, asking for authentication. That works perfectly fine.
Now my idea was to also place a second Keycloak Gatekeeper in front of
service 1, injecting said authentication.
Unfortunately, that doesnt work. Observing my traffic via wireshark, it
seems my second Keycloak Gatekeeper is not even involved in any
communication.
My docker compose file for service 1 and the forwarding proxy looks roughly
like this:
keycloak-forwarder:
image: quay.io/keycloak/keycloak-gatekeeper
command:
- --enable-forwarding=true
- --forwarding-username=<my_username>
- --forwarding-password=<my_password>
- --forwarding-domains=${BASE_DOMAIN}/grafana
- --listen=:3001
- --client-id=<my_keycloak_client_id>
- --client-secret=<my_keycloak_client_secret>
- --discovery-url=${DOMAIN_PROTOCOL}://${KEYCLOAK_DOMAIN}/auth/realms/<my_keycloak_realm>
networks:
- webgateway
grafana:
image: grafana/grafana
networks:
- webgateway
labels:
traefik.enable: true
traefik.backend: grafana
traefik.frontend.rule:
Host:${BASE_DOMAIN};PathPrefix:/grafana;PathPrefixStrip:/grafana
traefik.port: 3000
traefik.docker.network: webgateway
Do you have any idea how to fix this?
Best
Bob
More information about the keycloak-user
mailing list