-
Bug
-
Resolution: Done
-
Undefined
-
None
-
None
-
False
-
-
False
-
-
Before reporting an issue
[X] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
account/ui
Describe the bug
When using Hostname V2 and when hostname contains a path different from that of the hostname-admin (i.e., hostname=https://example.com/auth/ and hostname-admin=https://admin.example.com/admin/) the account UI (located at https://example.com/auth/realms/myrealm/account) tries to load resources from https://example.com/admin/resources/ instead of https://example.com/auth/resources/.
Version
25.0.0
Regression
[ ] The issue is a regression
Expected behavior
Account console resources should be loaded from ${frontend hostname}/${frontend path}/resources
Actual behavior
Resources are loaded from ${frontend hostname}/${admin path}/resources
How to Reproduce?
Set up keycloak with hostname containing a path that differs from hostname-admin (i.e., hostname=https://example.com/auth/, hostname-admin=https://admin.example.com). Then, try to access the account console while watching requests.
Anything else?
I'm running my Keycloak instance behind an nginx reverse proxy like so:
```
server
listen 80;
listen 443 ssl;
server_name example.com;
location /auth/ { proxy_pass http://10.10.10.2:8080/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Proto $scheme; }
}
server {{code}
listen 80;
listen 443 ssl;
location /
{ proxy_pass http://10.10.10.2:8080/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Proto $scheme; }}
```
{{/auth/realms/myrealm/login}} uses the correct path:
```
{
"imports":
}
```
This can be mitigated in the meantime by adding a {{proxy_pass}} directive for {{/resources}} on {{example.com}}, though this is less than ideal:
```
location /resources/
{ proxy_pass http://10.10.10.2:8080/resources/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Proto $scheme; }```
- links to
