Hi,
Keycloak server (a.com) is in the indsie (company) DNS,
and the proxy server is in both inside and outside DNS.
Proxy server is set to redirect depending on the path after the domain:
- b.com/aaa/… => c.com/aaa/…
- b.com/bbb/ => d.com/xvz/…
- b.com/realms/ => a.com/realms/ # This is the one I added now
The other proxies work fine; it correctly redirects to the servers behind.
But for keycloak, it shows “We are sorry Page Not Found” w/o any css (white backgroud w/ black letters)
Keyclaok Log [a.com]
2022-07-04 18:49:07,522 DEBUG [io.quarkus.vertx.http.runtime.ForwardedParser] (executor-thread-1) Recalculated absoluteURI to https://a.com/realms/TEST/protocol/saml/descriptor
2022-07-04 18:49:07,525 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (executor-thread-1) JtaTransactionWrapper commit
2022-07-04 18:49:07,525 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (executor-thread-1) JtaTransactionWrapper end
2022-07-04 18:49:09,507 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (Timer-0) new JtaTransactionWrapper
2022-07-04 18:49:09,507 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (Timer-0) was existing? false
2022-07-04 18:49:09,507 DEBUG [org.keycloak.transaction.JtaTransactionWrapper] (Timer-0) JtaTransactionWrapper commit
Keyclaok Log [b.com > a.com]
2022-07-04 18:49:35,072 DEBUG [io.quarkus.vertx.http.runtime.ForwardedParser] (executor-thread-1) Recalculated absoluteURI to https://b.com/realms//TEST/protocol/saml/descriptor
2022-07-04 18:49:35,072 DEBUG [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-1) Error response 404: javax.ws.rs.NotFoundException: RESTEASY003210: Could not find resource for full path: https://b.com/realms//TEST/protocol/saml/descriptor
at org.jboss.resteasy.core.registry.SegmentNode.match(SegmentNode.java:152)
at org.jboss.resteasy.core.registry.RootNode.match(RootNode.java:74)
at org.jboss.resteasy.core.registry.RootClassNode.match(RootClassNode.java:47)
at org.jboss.resteasy.core.ResourceMethodRegistry.getResourceInvoker(ResourceMethodRegistry.java:480)
at org.jboss.resteasy.core.SynchronousDispatcher.getInvoker(SynchronousDispatcher.java:332)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:253)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:67)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:55)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:380)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:358)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$1(QuarkusRequestFilter.java:71)
at io.vertx.core.impl.ContextImpl.lambda$null$0(ContextImpl.java:159)
at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:100)
at io.vertx.core.impl.ContextImpl.lambda$executeBlocking$1(ContextImpl.java:157)
at io.quarkus.vertx.core.runtime.VertxCoreRecorder$13.runWith(VertxCoreRecorder.java:543)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:829)
keycloak.conf
https-certificate-file=/…/cert.pem
https-certificate-key-file=/…/key.pem
proxy=passthrough #tried “reencrypt” and “edge” too but nothing worked
proxy_address_forwarding=true
hostname=a.com
http-port=80
https-port=443
https-protocols=TLSv1.3,TLSv1.2
http-enabled=true
hostname-strict=false
hostname-strict-https=false
What else can I try?