Keycloak reverse proxy

iHunt · January 14, 2020, 4:20am

Hello!
Please help solve problem with proxying.
I am using the following scheme:
Keycloack (ver 5.0) is running in a container on Kubernetes. Web access via ingress (url: http://xxx.k8s.com:30000/)
External requests are proxied to ingress from url: https://yyy.com/ (nginx)
When I get to the authorization page, I see in html tag “form”: <form id =“kc-form-login” onsubmit=“login.disabled=true; return true;” action="http://xxx.k8s.com:30000/auth/realms/..." instead of "https://yyy.com/auth/realms/..."
How to configure that it uses the correct url.

jangaraj · January 14, 2020, 6:56am

I guess you are using official jboss/keycloak:latest image:

Configure the environment variable PROXY_ADDRESS_FORWARDING=true for Keycloak containers. Doc https://hub.docker.com/r/jboss/keycloak :

When running Keycloak behind a proxy, you will need to enable proxy address forwarding.

docker run -e PROXY_ADDRESS_FORWARDING=true jboss/keycloak

iHunt · January 14, 2020, 7:02am

jangaraj, thanks for the answer.
I tried set env PROXY_ADDRESS_FORWARDING=true, and CLI /opt/jboss/keycloak/bin/jboss-cli.sh --connect \ "/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=proxy-address-forwarding, value=true)"
but this did not help.

Topic		Replies	Views
Keycloak 20.0.1 in k8s and behind reverse proxy Configuring the server admin-console	3	1943	December 7, 2022
KeycloakX 16.10 image Kubernetes http.proxy-address-forwarding no more exist Configuring the server admin-console , authentication	1	219	January 18, 2022
Running Keycloak behind docker container (with Nginx as reverse proxy)	2	74	April 23, 2024
Keycloak restrict admin console Securing applications	0	1076	February 3, 2023
Keycloak is adding adding port 80 to https urls Configuring the server	12	3305	December 2, 2022

Keycloak reverse proxy

Related Topics