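keycloak / nginx. Unable to access the admin page (Invalid parameter: redirect_uri)

Time: 2018-12-09 17:55:37

Tags: nginx keycloak

Edit: Using PROXY_ADDRESS_FORWARDING = true in my docker env file, as Jan suggested, solved my problem.

I tried keycloak on localhost and it ran successfully. I am now trying to set one up with a valid https domain, but I cannot access the login page. I get a redirect_uri error. What am I missing?

When I go to the home page, it works. But when I access the admin page, I get redirected.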

https://keycloak.myDomain.com/auth/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fkeycloak.myDomain.com%2Fauth%2Fadmin%2Fmaster%2Fconsole%2F&state=ef6b5ac7-f2f4-49c1-81de-6c0d4cf18e5f&response_mode=fragment&response_type=code&scope=openid&nonce=a46f44b8-9428-4019-8d18-e8e58e896ef2

I am using a simple docker image with no configuration.

services:
  postgres:
      image: postgres:9.4
      volumes:
        - ./init.sql:/docker-entrypoint-initdb.d/init.sql
        - postgres_data:/var/lib/postgresql/data
  keycloak:
      image: jboss/keycloak
      env_file:
       - docker-variables.env
      ports:
        - 9000:8080
      depends_on:
        - postgres

Then I use Nginx with this conf:

server {
    server_name  keycloak.myDomain.com;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;

    location / {
        proxy_pass http://0.0.0.0:9000;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # enable this if and only if you use HTTPS
        proxy_set_header            X-Forwarded-Proto https;
        proxy_set_header            Host $http_host;
        proxy_set_header            X-Real-IP $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/myDomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/myDomain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

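Thanks

1 answer:

Answer 0: (score: 0)

If you get a redirect_uri error when trying to log in to the admin console, remember that two environment variables must be set for Keycloak to work behind a reverse proxy. If the admin console URL is https://your.fqdn/auth, you must set: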

KEYCLOAK_FRONTEND_URL = https://your.fqdn/auth
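
A simplified model of why the admin console request in the question is rejected, added here as an illustration (not Keycloak's code and not from the original post). It assumes the admin console's redirect URIs are registered as a relative pattern and resolved against the origin the server derives for itself; the function names and the pattern value are assumptions.

```python
from urllib.parse import urlsplit

# Constructed request as the container receives it from the nginx config
# in the question: nginx terminates TLS and forwards over plain HTTP.
PROXIED_REQUEST = {
    "scheme": "http",  # nginx -> keycloak hop
    "headers": {
        "Host": "keycloak.myDomain.com",
        "X-Forwarded-Proto": "https",
    },
}
# redirect_uri from the failing URL in the question (URL-decoded).
REDIRECT_URI = "https://keycloak.myDomain.com/auth/admin/master/console/"
# Assumed relative pattern registered for the admin console client.
ADMIN_CONSOLE_PATTERN = "/auth/admin/master/console/*"


def external_base(request, proxy_address_forwarding=False, frontend_url=None):
    """Return the origin the server believes clients use to reach it."""
    if frontend_url:
        # A fixed frontend URL overrides anything derived from the request.
        parts = urlsplit(frontend_url)
        return f"{parts.scheme}://{parts.netloc}"
    headers = request["headers"]
    scheme = request["scheme"]
    if proxy_address_forwarding:
        # Trust X-Forwarded-Proto only when every request passes through
        # a proxy you control; otherwise a client can forge it.
        scheme = headers.get("X-Forwarded-Proto", scheme)
    return f"{scheme}://{headers['Host']}"


def redirect_uri_valid(redirect_uri, base, pattern=ADMIN_CONSOLE_PATTERN):
    """Resolve the relative pattern against base, then match the URI."""
    allowed = base + pattern
    if allowed.endswith("*"):
        return redirect_uri.startswith(allowed[:-1])
    return redirect_uri == allowed


def check(**settings):
    """Return (derived origin, whether the question's redirect_uri passes)."""
    base = external_base(PROXIED_REQUEST, **settings)
    return base, redirect_uri_valid(REDIRECT_URI, base)


if __name__ == "__main__":
    print(check())                               # forwarding off
    print(check(proxy_address_forwarding=True))  # headers trusted
    print(check(frontend_url="https://keycloak.myDomain.com/auth"))
```

With forwarding off, the derived origin is http:// while the browser sends an https:// redirect_uri, so the comparison fails even though the nginx headers are set correctly.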