密钥隐藏(Nginx)的反向代理配置 [英] Reverse proxy configuration for keycloak (Nginx)
问题描述
我有一个在端口8000上运行的spring boot应用程序(带有keycloak适配器),在8080上运行了keycloak
I have a spring boot application (with keycloak adapter) running on port 8000 and keycloak running on 8080
我已经编辑了/etc/hosts文件,以将来自测试域(foo.bar.com)的请求路由到127.0.0.1
I have edited my /etc/hosts file to route requests coming on my test-domain (foo.bar.com) to route to 127.0.0.1
到目前为止,我对SSL不感兴趣.
I am not interested in SSL as of now.
我的示例nginx配置:
My sample nginx configuration:
server {
listen 80;
server_name foo.bar.com;
location /myapp {
proxy_set_header Host $host/myapp;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port 80;
proxy_set_header X-Forwarded-Proto http;
proxy_pass http://localhost:8000/;
}
location /auth {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080;
}
}
问题:
此样本nginx conf是否足够?我发生了一些无限的重定向.在我的Spring应用程序中,来自keycloak适配器的日志显示: 没有状态Cookie
Will this sample nginx conf be sufficient? I had some infinite redirects happening. Logs from keycloak adapter in my spring application say: No State Cookie
如果我不使用代理服务器,而是直接配置应用程序和keycloak对话,则可以正常工作.我不知道为什么代理服务器会造成问题.
If I do not use proxy server and instead configure the app and keycloak talk directly to each other it works. I wonder why proxy server is creating issues.
推荐答案
您是否配置了Keycloak,使其知道它位于代理之后?
Did you configure Keycloak so that it knows it's behind a proxy?
例如对于docker,它是选项-e PROXY_ADDRESS_FORWARDING=true
E.g. for docker it's the option -e PROXY_ADDRESS_FORWARDING=true
这篇关于密钥隐藏(Nginx)的反向代理配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!