我有一个与官方提供的相当类似的Docker撰写文件,即
version: '3'
volumes:
mysql_data:
driver: local
services:
mysql:
image: mysql:5.7
volumes:
- mysql_data:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: keycloak
MYSQL_USER: keycloak
MYSQL_PASSWORD: mypassword
keycloak:
image: jboss/keycloak
environment:
DB_VENDOR: MYSQL
DB_ADDR: mysql
DB_DATABASE: keycloak
DB_USER: keycloak
DB_PASSWORD: mypass
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: mypass
# It didn't look like this actually got set.
PROXY_ADDRESS_FORWARDING: "true"
ports:
- 10000:8080
depends_on:
- mysql
我还有一个nginx配置文件,作为keychaft的反向代理。
## Redirects all HTTP traffic to the HTTPS host
server {
listen 80;
listen [::]:80;
server_name keycloak keycloak.fqdn.com keycloak.fq.fqdn.com;
server_tokens off;
return 301 https://keycloak.fqdn.com$request_uri;
}
## HTTPS host
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name keycloak.fqdn.com;
server_tokens off;
autoindex off;
include conf.d/site-common-config/ssl.conf;
access_log /var/log/nginx/keycloak-access.log combined;
error_log /var/log/nginx/keycloak-error.log warn;
location / {
gzip on;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:10000;
}
}
我进一步确认(据我所知)在
/auth/realms/master/.well-known/openid-configuration
返回正确的值。我一直在跟着导游
here
并更新了相应的XML文件,并运行了重新加载命令以确保
proxy-address-forwarding
设置为“真”。但是我得到了javascript错误
Load denied by X-Frame-Options: https://keycloak.fqdn.com/auth/realms/master/protocol/openid-connect/login-status-iframe.html?version=4.3.0.final does not permit framing.
到目前为止,我还没有在文件中找到解决这个问题的任何东西,所以任何帮助都会受到感激。
