Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-4149

Wrong URL with proxy-address-forwarding="true" when X-Forwarded-Host is included on EAP 7.0.3+

    Details

      Description

      Deploying Keycloak1.9.8 on EAP 7.0.3/7.04 causes an "Invalid parameter: redirect_uri" error when accessing the admin console via HTTP over a proxy with:
      <http-listener name="default" socket-binding="http" redirect-socket="proxy-https" proxy-address-forwarding="true"/>

      proxy-address-forwarding="true" is in the load-balancer documentation so the assumption is that this is valid config:
      https://keycloak.gitbooks.io/server-installation-and-configuration/content/topics/clustering/load-balancer.html

      HTTPS works correctly.

      Keycloak on EAP7.0.0-7.0.2 works correctly. This is the suspected cause of the change in behavior:
      https://issues.jboss.org/browse/JBEAP-5669

      HAProxy configuration is attached.

        Gliffy Diagrams

          Attachments

          1. error-page-503.http
            2 kB
          2. haproxy.config
            3 kB
          3. os_http_be.map
            0.0 kB

            Issue Links

              Activity

                People

                • Assignee:
                  stianst Stian Thorgersen
                  Reporter:
                  bdecoste William Decoste
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: