You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
using Keycloak as auth-provider, it seems that the redirect_uri parameter for the redirection from Keycloak-Login page back to https://{myDomain}/DatabaseStatus is incorrect.
When clicking on DatabaseStatus the Login-URL (auth/realms/frostrealm/protocol/openid-connect/auth?response_type=code&client_id={myClientID}&redirect_uri=http%3A%2F%2F{myDomain}%2FFROST-Server%2FDatabaseStatus&state=123&login=true&scope=openid) contains a parameter redirect_uri with value {myDomain}%2FFROST-Server%2FDatabaseStatus.
This leads to a 404-Message: The requested resource [/FROST-Server/FROST-Server/DatabaseStatus] is not available
Changing redirect_uri to http%3A%2F%2F{myDomain}%2FDatabaseStatus leads to 403 Forbidden.
You could try doing the auth procedure with the browser-debugger open, so you can see what keycloak actually redirects to. Then you can see if the problem is in keycloak, or in the ingress configuration.
Hi,
using Keycloak as auth-provider, it seems that the redirect_uri parameter for the redirection from Keycloak-Login page back to https://{myDomain}/DatabaseStatus is incorrect.
When clicking on DatabaseStatus the Login-URL (auth/realms/frostrealm/protocol/openid-connect/auth?response_type=code&client_id={myClientID}&redirect_uri=http%3A%2F%2F{myDomain}%2FFROST-Server%2FDatabaseStatus&state=123&login=true&scope=openid) contains a parameter redirect_uri with value {myDomain}%2FFROST-Server%2FDatabaseStatus.
This leads to a 404-Message: The requested resource [/FROST-Server/FROST-Server/DatabaseStatus] is not available
Changing redirect_uri to http%3A%2F%2F{myDomain}%2FDatabaseStatus leads to 403 Forbidden.
I think the redirect_uri interferes with our rewrite from / to /FROST-Server in our Ingress. Could it be, that the "redirect-rewrite-rules"-Parameter has to be adjusted accordingly (see https://www.keycloak.org/docs/latest/securing_apps/#_java_adapter_config)?
The text was updated successfully, but these errors were encountered: