Keycloak behind apache reverse proxy

Question

I have surfed through google without finding any concrete answers or examples, so again trying my luck here (often get lucky).

Answer 1

I'm using Keycloak for a project in docker containers. I had the same problem but in a local network (so maybe this will not be the solution, in this case i'm sorry). So this was the situation:

• REST java webapp running on wildfly, in a single Docker container
• Keycloak running in a single Docker container in the same network of the previous

• Apache running locally on my machine outside Docker, serving an angular 2 app, with the properly config

• The angular 2 app's adapter was pointing the url http://aaa.auth.com (i modified the local file hosts with the entry 127.0.0.1 aaa.auth.com)

• I added a link between Wildfly Docker and Keycloak Docker by the hostname http://aaa.auth.com and i used this hostname in the Java webapp adapter.
• Both the adapters were pointing to the same address, as far as i know this is a Keycloak requirement, see https://issues.jboss.org/browse/KEYCLOAK-2067

There are a lot of differences from your case (Docker, HTTP vs HTTPS etc), but, to avoid the communication REST-Keycloak via Web, have you tried modifying the file hosts of your server (hosting the RESTful service) inserting an entry with the local IP of your reverse proxy (172.a) and "example.com"?

Or, maybe you can solve it with a private DNS?