haowang-pony removed a comment on issue #5253:
URL: https://github.com/apache/apisix/issues/5253#issuecomment-944873149
I just tried the authz-keycloak, but met the same problem. the request was
redirect between apisix and keycloak back and forth. And I checked request
cookies already has access-token.
Here is my config
```
apiVersion: apisix.apache.org/v2beta1
kind: ApisixRoute
metadata:
name: httpbin-route
namespace: ingress-apisix
spec:
http:
- name: httpbin
match:
hosts:
- httpbin.k8s.fr.corp.pony.ai
paths:
- /*
backends:
- serviceName: httpbin
servicePort: 80
plugins:
- name: authz-keycloak
enable: true
config:
client_id: apisix
client_secret: ""
discovery: ***/.well-known/openid-configuration
policy_enforcement_mode: PERMISSIVE
```
I'm wondering the authz-keycloak and openid-connect plugin only check the
access-token in header but failed to check the access token in cookie. Because
if I set the access-token into request header, the workflow works very well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
