Hey all, Figured out the problem, so posting in case someone else needs.
For production it is required to change following parameters in the keycloak adapter config: "ssl-required": "all", "confidential-port": 443, Now I have other issues with mapping roles, but the original issue is solved for me. Cheers, Nikola ________________________________ From: Nikola Jankovic <nikola.janko...@eodc.eu> Sent: 01 October 2019 10:57 To: geoserver-users@lists.sourceforge.net <geoserver-users@lists.sourceforge.net> Subject: [Geoserver-users] Geoserver authentication with keycloak issue Hello all, I am trying to connect geoserver with the keycloak community module following the guide https://docs.geoserver.org/latest/en/user/community/keycloak/index.html, however I am facing some difficulty in doing so. After adding the keycloak adapter to the web filter chain to protect the Web Admin GUI, the requests aren't being being redirected properly to the keycloak sign in page, and I get an Invalid parameter: redirect_uri error. I notice in the URL that it is trying to redirect to HTTP instead of HTTPS (keycloak only allows HTTPS and is configured accordingly). When I add HTTPS manually to the redirect_uri parameter in the URL then it redirects properly. HTTPS is configured currently with an NGINX redirect. Is this a configuration issue with Geoserver? I've tried setting the proxy base URL but that doesn't seem to help. Specs: Geoserver 2.15.0 running in a docker Container on Ubuntu 16.04 openjdk version "1.8.0_212" OpenJDK Runtime Environment (build 1.8.0_212-8u212-b01-1~deb9u1-b01) OpenJDK 64-Bit Server VM (build 25.212-b01, mixed mode) If you need any more information, I will try to provide it. Thank you for taking the time to read and look into the issue. Sincerely, Nikola
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
