edit: Using PROXY_ADDRESS_FORWARDING=true in my docker env file, like Jan suggested solved my issue.
我在本地主机上尝试过keycloak并且它成功运行了 . 我现在正在尝试使用有效的https域构建一个,但我无法访问登录页面 . 我收到redirect_uri错误 . 我错过了什么?
当我进入主页时,它可以工作 . 但是访问管理页面,我得到了一个重定向 .
https://keycloak.myDomain.com/auth/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fkeycloak.myDomain.com%2Fauth%2Fadmin%2Fmaster%2Fconsole%2F&state=ef6b5ac7-f2f4-49c1-81de-6c0d4cf18e5f&response_mode=fragment&response_type=code&scope=openid&nonce=a46f44b8-9428-4019-8d18-e8e58e896ef2
我正在使用没有配置的简单docker镜像 .
services:
postgres:
image: postgres:9.4
volumes:
- ./init.sql:/docker-entrypoint-initdb.d/init.sql
- postgres_data:/var/lib/postgresql/data
keycloak:
image: jboss/keycloak
env_file:
- docker-variables.env
ports:
- 9000:8080
depends_on:
- postgres
我正在使用Nginx这个conf:
server {
server_name keycloak.myDomain.com;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
location / {
proxy_pass http://0.0.0.0:9000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# enable this if and only if you use HTTPS
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/myDomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myDomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
谢谢