Hello, I started building an application and tested it with a local Docker Keycloak, and it works fine.
But the production Keycloak server (both have the same version, 24.0.3) runs behind an apache2 reverse proxy. This is the config:
ProxyPass "/" "http://localhost:8080/"
ProxyPassReverse "/" "http://localhost:8080/"
HostnameLookups Off
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
RequestHeader set "X-Forwarded-SSL" expr=%{HTTPS}
UseCanonicalName Off
ProxyPreserveHost On
The problem is that after entering the credentials, Keycloak doesn't redirect back to the client application, but rather to its own host.
So the URL looks like this: https://public.authserver/login/oauth2/code/my-realm?state=V1p3odUrEhJFClMvx6WmlZxVQCjLCjG82VHCPw-K
It should be https://localhost:8080/login/oauth2/code/my-realm?state=V1p3odUrEhJFClMvx6WmlZxVQCjLCjG82VHCPw-K
The server is started with the following command:
/opt/keycloak/keycloak-24.0.3/bin/kc.sh start --proxy-headers forwarded
Can you tell me what may be the problem? I also have another application that uses the apache2-openid-connect plugin and the same public.authserver, and this works fine.
Thank you for your help.