9:44 a.m.
Good day,
A few weeks ago, I was deploying auth-server.war inside a JBoss 6.1.0alpha
instance and using relative URIs for redirects on my registered
applications. For example, a single redirect uri of '/hello-world/*' meant
that I could access our app from:
- http://localhost:8080/hello-world/
- https://localhost:8443/hello-world/
- http://[workstation]:8080/hello-world/
- https://[workstation]:8443/hello-world/
This was very convenient as we deploy the JBoss container on site for
customer use via automated installer, so trying to minimize the local
configurations required is important.
However, as per recent exchanges with Stian, I am now running a separate
Keycloak appliance instance (Wildfly 8.2), port-shifted by 100, along-side
our old JBoss instance.
This seems to require that I add 4 separate redirect_uris (above) in order
for things to work. As well, the latter two require knowledge of the
target machine's hostname.
I'm wondering if there is a way to use relative host URI, but keep the port
for application redirect_uri. Or perhaps a hostname placeholder? Possible
example:
- http://${jboss.host.name}:8080/hello-world/
Any sort of placeholder for the current host-name would simplify the
current post-install configuration required.
Thanks,
Guy
1:19 a.m.
New subject: Relative host possible in redirect URI when using Keycloak appliance?
----- Original Message -----
From: "Guy Davis" <guydavis.ca(a)gmail.com>
To: keycloak-user(a)lists.jboss.org
Sent: Monday, 23 March, 2015 3:44:56 PM
Subject: [keycloak-user] Relative host possible in redirect URI when using Keycloak
appliance?
Good day,
A few weeks ago, I was deploying auth-server.war inside a JBoss 6.1.0alpha
instance and using relative URIs for redirects on my registered
applications. For example, a single redirect uri of '/hello-world/*' meant
that I could access our app from:
* http://localhost:8080/hello-world/
* https://localhost:8443/hello-world/
* http://[workstation]:8080/hello-world/
* https://[workstation]:8443/hello-world/
This was very convenient as we deploy the JBoss container on site for
customer use via automated installer, so trying to minimize the local
configurations required is important.
However, as per recent exchanges with Stian, I am now running a separate
Keycloak appliance instance (Wildfly 8.2), port-shifted by 100, along-side
our old JBoss instance.
This seems to require that I add 4 separate redirect_uris (above) in order
for things to work. As well, the latter two require knowledge of the target
machine's hostname.
I'm wondering if there is a way to use relative host URI, but keep the port
for application redirect_uri. Or perhaps a hostname placeholder? Possible
example:
* http://${ jboss.host.name }:8080/hello-world/
Any sort of placeholder for the current host-name would simplify the current
post-install configuration required.
We don't have anything atm that'll let you do that. You could use a proxy to put
both the app and Keycloak on the same domain/port, but that might be more setup than
you'd like.
If you're using an automated installer you can have it do the job for you though. Use
Keycloak's export facility to export the realm and all applications to a json file.
Then have your installer modify the redirect-uri for the application directly in the json
file, before you import it again into a freshly installed Keycloak server. I'd suggest
for an automated installation that'd be good approach in either case.
Thanks,
Guy
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3578
days inactive
3579
days old
1 comments
2 participants
participants (2)
-
Guy Davis -
Stian Thorgersen