I have Keycloak and Gatekeeper configured to use Google as an identity
provider to front end my PHP application and most of the time it works
great but sometimes it exposes my internal host (which Gatekeeper should be
proxying for). If I login from my desktop(chrome) it works fine unless
instead of clicking on a link my app tries to use a redirect header. i.e.
my PHP example: header("Location: /protected/dashboard"); When that
happens instead of redirecting to
https://commentcontext.com/protected/dashboard, like it should, I see
https://webapp/protected/dashboard in the URL field. This fails because
there is no DNS for webapp. webapp is the name I use internally and it
should never be exposed externally. Also, if I try to connect using my
phone or tablet (both android) I get through the Google authentication fine
but then it tries to send me to
https://webapp/protected/dashboard, which
again is a FAIL :(
Why is Gatekeeper failing to proxy sessions when initiated via a redirect
or when they come from mobile browser? Has anyone seen this behavior
before? Any help anyone could provide on this issue would be greatly
appreciated.
Thanks,
Nick