I am trying to use Keycloak to authenticate my services that are provided in a Tomcat 8 Docker by following https://github.com/keycloak/keycloak-documentation/blob/main/securing_apps/topics/oidc/java/tomcat-adapter.adoc

After I finished configuring my application, it redirected correctly to the Keycloak server; however, the redirect_uri was wrong since it was calling an internal address only known by Docker: hxxps://****.pt/auth/realms/example/protocol/openid-connect/auth?response_type=code&client_id=appmovel&redirect_uri=http%3A%2F%2Fweb-service%3A8080%2F&state=...

In order to fix it, I configured nginx to correct the redirect_uri:

    location /admin/ {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://web-service:8080/;
    }

resulting in: hxxps://***.pt/auth/realms/example/protocol/openid-connect/auth?response_type=code&client_id=appmovel&redirect_uri=http%3A%2F%2Fnewservice%2F&state=...

However, the redirect_uri skips the context /admin/, resulting in a bad redirection, since it was supposed to redirect to: http%3A%2F%2Fnewservice%2Fadmin%2F&state=...

How and where should I configure this to keep/add the context (/admin) in the redirect_uri? Should it be a Keycloak configuration or an nginx rewrite rule?

Winter

0 Answers
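An added example, not part of the original question or the Keycloak documentation: the posted `location` block next to a variant that keeps the `/admin/` prefix on the way to Tomcat. It assumes the application can be deployed in Tomcat under the context path `/admin` (for example as `admin.war`), which the question does not state; `web-service:8080` is taken from the question.

```nginx
# As posted (commented out so the file holds only one /admin/ location).
# proxy_pass carries a URI part ("/") after host:port, so nginx replaces the
# matched location prefix with that URI before forwarding:
#   client sends:     GET /admin/index.html
#   Tomcat receives:  GET /index.html        <- "/admin" is gone
# Tomcat never sees the prefix, which matches the observed redirect_uri
# (host corrected by the Host header, path reduced to "/").
#
# location /admin/ {
#     proxy_set_header Host $host;
#     proxy_set_header X-Real-IP $remote_addr;
#     proxy_pass http://web-service:8080/;
# }

# Prefix-preserving variant: no URI part after host:port, so the request
# path is forwarded unchanged:
#   client sends:     GET /admin/index.html
#   Tomcat receives:  GET /admin/index.html
# Assumption: the webapp is deployed under the /admin context in Tomcat,
# so that path resolves to the same application.
location /admin/ {
    # Public host name, so URLs built from the request use it instead of
    # the Docker-internal name.
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    # Original scheme of the client connection. Tomcat only honours this
    # header when something like RemoteIpValve is configured to read it.
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_pass http://web-service:8080;
}
```

With this mapping the redirect_uri path begins with `/admin/`, so the Keycloak client's Valid Redirect URIs entry should list that prefix specifically rather than a broad wildcard.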