[ 
https://issues.apache.org/jira/browse/KNOX-1355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16510692#comment-16510692
 ] 

DIPAYAN BHOWMICK commented on KNOX-1355:
----------------------------------------

I did some digging around the knox code and its integration with pac4j, I found 
that the DefaultCallbackStrategy was not overloaded for this scenario to work. 
The defaultCallbackStrategy will work if knox is used as a gateway. I was able 
to fix the redirection issue by patching the code.
Patch is attached.
 [^knox_fix_for_dp_keycloak.patch] 

> Knox not honoring originalUrl when pac4j federation is used
> -----------------------------------------------------------
>
>                 Key: KNOX-1355
>                 URL: https://issues.apache.org/jira/browse/KNOX-1355
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxSSO
>            Reporter: DIPAYAN BHOWMICK
>            Priority: Major
>             Fix For: 1.1.0
>
>         Attachments: knox_fix_for_dp_keycloak.patch, knoxsso.xml, 
> sequence_diagram.txt
>
>
> I wanted to integrate Keycloak as the IdP provider for Knox using the pack4j 
> federation in Dataplane. This is for an SSO scenario and not Knox Gateway 
> proxy. So, requested to 
> gateway/knoxsso/api/v1/websso?originalUrl=https://dataplane.
> After, the redirection happens to Keycloak and successful authentication knox 
> rather than returning to the requested original URL, it is redirecting to the 
> original requestedURL (ie. 
> gateway/knoxsso/api/v1/websso?originalUrl=https://dataplane)
> The complete Sequence diagram is attached. [^sequence_diagram.txt]
> Also, knoxsso.xml is attached as an example. [^knoxsso.xml]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to