[
https://issues.apache.org/jira/browse/KNOX-1355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kevin Risden updated KNOX-1355:
-------------------------------
Description:
I wanted to integrate Keycloak as the IdP provider for Knox using the pac4j
federation. This is for an SSO scenario and not Knox Gateway proxy. So,
requested to gateway/knoxsso/api/v1/websso?originalUrl=https://service.
After, the redirection happens to Keycloak and successful authentication knox
rather than returning to the requested original URL, it is redirecting to the
original requestedURL (ie.
gateway/knoxsso/api/v1/websso?originalUrl=https://service/)
The complete Sequence diagram is attached. [^sequence_diagram.txt]
Also, knoxsso.xml is attached as an example. [^knoxsso.xml]
was:
I wanted to integrate Keycloak as the IdP provider for Knox using the pack4j
federation in Dataplane. This is for an SSO scenario and not Knox Gateway
proxy. So, requested to
gateway/knoxsso/api/v1/websso?originalUrl=https://dataplane.
After, the redirection happens to Keycloak and successful authentication knox
rather than returning to the requested original URL, it is redirecting to the
original requestedURL (ie.
gateway/knoxsso/api/v1/websso?originalUrl=https://dataplane)
The complete Sequence diagram is attached. [^sequence_diagram.txt]
Also, knoxsso.xml is attached as an example. [^knoxsso.xml]
> Knox not honoring originalUrl when pac4j federation is used
> -----------------------------------------------------------
>
> Key: KNOX-1355
> URL: https://issues.apache.org/jira/browse/KNOX-1355
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxSSO
> Reporter: DIPAYAN BHOWMICK
> Priority: Major
> Fix For: 1.3.0
>
> Attachments: KNOX-1355.patch, knox_fix_for_dp_keycloak.patch,
> knoxsso.xml, sequence_diagram.txt
>
>
> I wanted to integrate Keycloak as the IdP provider for Knox using the pac4j
> federation. This is for an SSO scenario and not Knox Gateway proxy. So,
> requested to gateway/knoxsso/api/v1/websso?originalUrl=https://service.
> After, the redirection happens to Keycloak and successful authentication knox
> rather than returning to the requested original URL, it is redirecting to the
> original requestedURL (ie.
> gateway/knoxsso/api/v1/websso?originalUrl=https://service/)
> The complete Sequence diagram is attached. [^sequence_diagram.txt]
> Also, knoxsso.xml is attached as an example. [^knoxsso.xml]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
