Re: [keycloak-user] Using Keycloak with Apache and mod_auth_oidc
Hi Thomas,
just a comment on your example project, the Apache directive
OIDCCryptoPassphrase is (AFAIK) used by the apache module to en/decrypt the
state parameter that is sent with the redirect params to the OP. This is a
mandatory settings and you will have to make sure its random and secured
(otherwise someone can steal your users session). If you run the apache
behind a load balancer, this value needs to be the same on all nodes, else
the module will return invalid state errors.
Cheers,
Niels
On Fri, Jun 3, 2016 at 7:30 AM, Thomas Darimont <
thomas.darimont(a)googlemail.com> wrote:
Hello group,
Just wanted to let you know that I build a small example [0] that
demonstrates the usage of Keycloak with mod_auth_oidc [1]
with Docker + Apache + PHP.
Works like a charm :)
Cheers,
Thomas
[0] https://github.com/thomasdarimont/keycloak_mod_auth_oidc_example
[1] https://github.com/pingidentity/mod_auth_openidc
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 2.1 KB)