
Spring Boot replaces its hostname with docker container id


I set up a simple Spring Boot application with Security with Keycloak that is running as a service with eureka, gateway api etc. All of them are dockerized. I created an endpoint which returns a String and is secured by SecurityFilterChain:

    @Bean
    public SecurityFilterChain configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
                .oauth2Client(Customizer.withDefaults())
                .oauth2Login(Customizer.withDefaults());
        httpSecurity
                .sessionManagement(Customizer.withDefaults());
        httpSecurity
                .authorizeHttpRequests(Customizer.withDefaults())
                .authorizeHttpRequests(authorize -> {
                    authorize
                            .requestMatchers("/keycloak-test", "/tournament/keycloak-test").fullyAuthenticated()
                            .anyRequest().permitAll();
                });
        return httpSecurity.build();
    }

The endpoint:

    @GetMapping("/keycloak-test")
    public ResponseEntity<String> test() {
        return ResponseEntity.ok("Hello World");
    }

When I'm trying to access this endpoint I expected the redirect to login form or to keycloak itself, but the thing is that I'm being redirected to the containerId:port: http://6e375582a097:8201/oauth2/authorization/keycloak-provider thus "Server Not Found" error.

My application.yml:

    eureka:
      client:
        service-url:
          defaultZone: http://172.18.0.1:8762/eureka
    server:
      port: 8201
      error:
        include-message: always
    spring:
      datasource:
        url: jdbc:postgresql://172.18.0.1:5501/tournament
        username: username
        password: ${DB_STG_PASSWORD}
        driver-class-name: org.postgresql.Driver
        hikari:
          connection-timeout: 10000
          maximum-pool-size: 10
          idle-timeout: 5000
          max-lifetime: 1000
          auto-commit: true
      flyway:
        locations: classpath:db/migration
        enabled: true
      jpa:
        show-sql: true
        properties:
          hibernate:
            dialect: org.hibernate.dialect.PostgreSQLDialect
      security:
        oauth2:
          client:
            provider:
              keycloak-provider:
                issuer-uri: https://keycloak.example.com/realms/keycloak-realm
            registration:
              aimcup:
                provider: keycloak-provider
                client-name: keycloak-provider
                client-id: keycloak-provider
                client-secret: 
                scope: profile,openid,offline_access
                redirect-uri: https://example.com/keycloak-test

I'd like to mention that I'm also using a nginx proxy manager.

I tried to look through all filters and check when the redirect uri is being determined, but none caught my eye. Setting server.address property in application.yml to my example.com also did not work.

Is it because eureka has a container id instead of its IP address?

Thank you in advance for any help!


Solution

  • For Spring Boot 3, set forward-headers-strategy to native and it works as intended:

    server.forward-headers-strategy: native
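
A simplified model of what this setting changes, added here as an example (it is not code from the post, and not Spring's or Tomcat's implementation): the base URL of the OAuth2 redirect is taken from `X-Forwarded-*` headers instead of the container's own `Host`, but only when the direct peer is a trusted proxy. The class and method names, the trusted range, the peer addresses and the header values are assumptions constructed for the demonstration.

```java
import java.util.Map;
import java.util.regex.Pattern;

public class ForwardedBaseUrl {
    // Assumption: only peers on the private Docker bridge range or loopback are trusted proxies.
    static final Pattern TRUSTED_PROXY = Pattern.compile(
            "172\\.(1[6-9]|2\\d|3[01])\\.\\d{1,3}\\.\\d{1,3}|127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}");

    /** Returns the scheme://host[:port] that a redirect would be built on. */
    static String baseUrl(String peerIp, Map<String, String> headers, int localPort) {
        String scheme = "http";
        String host = headers.getOrDefault("host", "localhost:" + localPort);
        // Forwarded headers are honoured only when the direct peer is a trusted proxy;
        // otherwise any client could choose the host used in the login redirect.
        if (TRUSTED_PROXY.matcher(peerIp).matches()) {
            scheme = headers.getOrDefault("x-forwarded-proto", scheme);
            host = headers.getOrDefault("x-forwarded-host", host);
            String port = headers.get("x-forwarded-port");
            boolean defaultPort = port == null
                    || (scheme.equals("https") && port.equals("443"))
                    || (scheme.equals("http") && port.equals("80"));
            if (!defaultPort && !host.contains(":")) {
                host = host + ":" + port;
            }
        }
        return scheme + "://" + host;
    }

    public static void main(String[] args) {
        String path = "/oauth2/authorization/keycloak-provider";
        // Constructed request: the service was reached by its container hostname.
        Map<String, String> noForwarding = Map.of("host", "6e375582a097:8201");
        // Constructed request: the proxy added the externally visible scheme, host and port.
        Map<String, String> viaProxy = Map.of(
                "host", "6e375582a097:8201",
                "x-forwarded-proto", "https",
                "x-forwarded-host", "example.com",
                "x-forwarded-port", "443");
        // No forwarded headers: the redirect is built on the container id.
        System.out.println(baseUrl("172.18.0.1", noForwarding, 8201) + path);
        // Trusted proxy with forwarded headers: the redirect uses the public host.
        System.out.println(baseUrl("172.18.0.1", viaProxy, 8201) + path);
        // Same headers from a peer outside the trusted range are ignored.
        System.out.println(baseUrl("203.0.113.7", viaProxy, 8201) + path);
    }
}
```

With the `native` strategy on embedded Tomcat, the proxies whose headers are honoured are controlled by `server.tomcat.remoteip.internal-proxies`, and the service port should be reachable only through the proxy.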