Keycloak 18.0.2 mixed content issue.
See original GitHub issueDescribe the bug
First off I want to state that I have read https://github.com/keycloak/keycloak/issues/11807 and a lot of documentations and articles. I still don’t think https://github.com/keycloak/keycloak/issues/11807 has fixed all mixed https/http issue.
I am deploying keycloak 18.0.2 on EKS with the HTTPS terminating on the ALB. After a lot of struggle and research, I have manually changed the frontend URL in the DB directly and also changed the redirect_uri to have https in it, I am now able to see the dashboard and click to admin console and have the redirect_uri all being allowed and now I can finally Login.
However after login. I will get unexpected error because for the following API calls that does not have HTTPS in it.
http://identity-test.somedomain.net/auth/admin/realms?briefRepresentation=true
http://identity-test.somedomain.net/auth/admin/serverinfo
http://identity-test.somedomain.net/auth/admin/realms
I never seen all these issues or even need to do changes directly in DB. I am previously using 16.1.1 but am forced to upgrade as that version has issues with Direct Naked Impersonation Feature.
Below is my setting. KC_DB=postgres KC_DB_URL_HOST=rds.amazonaws.com KC_DB_URL_PORT=5432 KC_DB_URL_DATABASE=postgres KC_DB_SCHEMA=keycloak_test KC_DB_USERNAME=xxx KC_DB_PASSWORD=xxx KEYCLOAK_ADMIN=admin KEYCLOAK_ADMIN_PASSWORD=admin KC_HOSTNAME=identity-test.somedomain.net KC_HOSTNAME_ADMIN=identity-test.somedomain.net KC_HOSTNAME_STRICT=false KC_HTTP_RELATIVE_PATH=/auth KC_HTTP_ENABLED=false KC_HOSTNAME-STRICT-HTTPS=true KC_PROXY=edge
Version
18.0.2
Expected behavior
I should be able to easily access the admin console after installation.
Actual behavior
After so many research and hack around DB values, I am still NOT able to access the admin console.
I am currently stuck at this step where
http://identity-test.somedomain.net/auth/admin/realms?briefRepresentation=true
http://identity-test.somedomain.net/auth/admin/serverinfo
http://identity-test.somedomain.net/auth/admin/realms
is not carrying the right protocol, should be https not http and for this I am truly running out of idea where they are coming from. Before the setup of the “Frontend Url” in the realm settings would have taken all these into account properly.
How to Reproduce?
No response
Anything else?
No response
Issue Analytics
- State:
- Created a year ago
- Reactions:3
- Comments:13 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@abstractj, my plan is to work on this from tomorrow.
Hello, @bonzo71,
You’re right. The “PROXY_ADDRESS_FORWARDING” property was deprecated and has no effect in my Keycloak-v18 container.
Besides that and aforementioned, the solution assembled as described in my previous message is working properly: