[keycloak-user] Very strange behavior when access to IDP from SpringSecurity adapter over HTTPS.

Michael Furman michael_furman at hotmail.com
Tue Dec 13 05:12:49 EST 2016


Hi all,
I try to access from SpringSecurity adapter over HTTPS without success.
When I try to access to IDP over HTTPS the redirect_uri is replaced to localhost:

https://192.168.110.2:8443/auth/realms/master/protocol/openid-connect/auth?response_type=code&client_id=testclient&redirect_uri=http%3A%2F%2Flocalhost%3A8081%2Fapp%2Fsso%2Flogin&state=0%2Fdb8aabf5-0756-4eef-992f-ba1e3eae8084&login=true&scope=openid

Then I get this error in UI:
WE'RE SORRY ...
Invalid parameter: redirect_uri

Similar, when I try to access to IDP over HTTP, the redirect_uri is replaced to localhost:
http://192.168.110.2:9080/auth/realms/master/protocol/openid-connect/auth?response_type=code&client_id=testclient&redirect_uri=http%3A%2F%2Flocalhost%3A8081%2Fapp%2Fsso%2Flogin&state=0%2F66c8bcdb-7ebc-4812-afb6-07d0a7f4bc99&login=true&scope=openid

Same error in UI:
WE'RE SORRY ...
Invalid parameter: redirect_uri

Only if I access from SpringSecurity adapter over HTTP the redirect_uri has correct value and it works:
http://192.168.110.2:9080/auth/realms/master/protocol/openid-connect/auth?response_type=code&client_id=testclient&redirect_uri=http%3A%2F%2F192.168.110.2%3A8081%2Fapp%2Fsso%2Flogin&state=2%2F7553a833-0fdf-48e8-afc2-c882c9625479&login=true&scope=openid

Finally I can see the login page.
What wrong in my configurations?
Any help will be appreciated.
Best regards,
   Michael



More information about the keycloak-user mailing list