Reading Original IP on Keycloak when Installed Behind a Reverse Proxy
Keycloak, or Red Hat Single SignOn, have the capability of capturing ip of every request which are connected to it. But there are scenarios where Keycloak is located behind a reverse proxy, and Keycloak would capture reverse proxy’s ip instead of original requestor IP.
The workaround is actually quite simple although can be at different xml files depends on your server , can add below configuration on default-server tag.
<server name="default-server"> <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true" proxy-address-forwarding="true" /> <https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true" proxy-address-forwarding="true" /> <host name="default-host" alias="localhost"> <location name="/" handler="welcome-content"/> <http-invoker security-realm="ApplicationRealm"/> </host> </server>
1 Comment
view
about 11 months agoHurrah! At last I got a website from where I be capable of in fact obtain valuable facts concerning my study and knowledge.
Reply