5:56 a.m.
I have integrated keycloak with a web application using the java adapter
(no changes on the Angular frontend, just backend) We have several clients
in our aplication, and we have the option of chosing among them through a
query string on the URL. For example:
https://localhost:8443/myapp/#/login?client=TEST-CLIENT
If I use Keycloak as an IDP, it works fine, as the query string is kept.
But using ADFS as an IDP, the quey string is lost, so I don't get to the
correct client (TEST-CLIENT in this case) when redirected.
Any idea how to keep the whole url in order to make it work?
8:28 a.m.
Am I understand correctly, that you always use keycloak.js adapter and
you always redirect to Keycloak, but in the case (1), you login directly
in Keycloak (username + password screen on KC side) and in case (2), the
Keycloak redirects to ADFS Idp with the usage of identity brokering?
Marek
On 26/02/2019 12:56, David Rodriguez wrote:
I have integrated keycloak with a web application using the java
adapter
(no changes on the Angular frontend, just backend) We have several clients
in our aplication, and we have the option of chosing among them through a
query string on the URL. For example:
https://localhost:8443/myapp/#/login?client=TEST-CLIENT
If I use Keycloak as an IDP, it works fine, as the query string is kept.
But using ADFS as an IDP, the quey string is lost, so I don't get to the
correct client (TEST-CLIENT in this case) when redirected.
Any idea how to keep the whole url in order to make it work?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
8:42 a.m.
No, sorry. There was an error in doing it. It didn't work with Keycloak as
an IDP neither (it seemed to work but it was due to some configuration in
my application that messed things). I have been doing more tests and the
problem seems to be with the '#'.
Regarding the adapter, I am using the java adapter, the front end does not
know about keycloak.
So in the backend it seems I cannot fix this, because the parsing of the
url will consider only https://localhost:8443/myapp/
<https://localhost:8443/myapp/#/login?client=TEST-CLIENT> and discard the
rest of the URL
I see only one solution if keycloak cannot handle anything after '#':
getting the front-end guys to get rid of that '#', although maybe angular
js cannot work without it.
El mar., 26 feb. 2019 a las 15:28, Marek Posolda (<mposolda(a)redhat.com>)
escribió:
Am I understand correctly, that you always use keycloak.js adapter
and
you always redirect to Keycloak, but in the case (1), you login directly
in Keycloak (username + password screen on KC side) and in case (2), the
Keycloak redirects to ADFS Idp with the usage of identity brokering?
Marek
On 26/02/2019 12:56, David Rodriguez wrote:
> I have integrated keycloak with a web application using the java adapter
> (no changes on the Angular frontend, just backend) We have several
clients
> in our aplication, and we have the option of chosing among them through a
> query string on the URL. For example:
>
> https://localhost:8443/myapp/#/login?client=TEST-CLIENT
>
> If I use Keycloak as an IDP, it works fine, as the query string is kept.
> But using ADFS as an IDP, the quey string is lost, so I don't get to the
> correct client (TEST-CLIENT in this case) when redirected.
>
> Any idea how to keep the whole url in order to make it work?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
David RodrÃguez Ortiz
2143
days inactive
2143
days old
2 comments
2 participants
participants (2)
-
David Rodriguez -
Marek Posolda