Details

      Description

      Single Log Out doesn't work when Keycloak is behind ReverseProxy.

      SamlResponse returned in response to logout request is rejected becouse of failure in destination validation.
      Validation failes because method SAMLEndpoint.Binding.handleSamlResponse() passes to destinationValidator session.getContext().getUri().getAbsolutePath(). Unfortunately session.getContext().getUri().getAbsolutePath() returns Keycloak backend URL.

      This issue is simmilar to KEYCLOAK-12864

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  sguilhen Stefan Guilhen
                  Reporter:
                  mfatyga Marcin Fatyga
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: