Hi Thomas,

just a comment on your example project, the Apache directive OIDCCryptoPassphrase is (AFAIK) used by the apache module to en/decrypt the state parameter that is sent with the redirect params to the OP. This is a mandatory settings and you will have to make sure its random and secured (otherwise someone can steal your users session). If you run the apache behind a load balancer, this value needs to be the same on all nodes, else the module will return invalid state errors.

Cheers,

Niels

On Fri, Jun 3, 2016 at 7:30 AM, Thomas Darimont <thomas.darimont@googlemail.com> wrote:

Hello group,

Just wanted to let you know that I build a small example [0] that
demonstrates the usage of Keycloak with mod_auth_oidc [1]
with Docker + Apache + PHP.

Works like a charm :)

Cheers,
Thomas

[0] https://github.com/thomasdarimont/keycloak_mod_auth_oidc_example
[1] https://github.com/pingidentity/mod_auth_openidc

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user