[keycloak-user] No redirect to original URL after going to identity provider

Sarah Phillips sphillips at jefferies.com
Mon Sep 12 13:31:53 EDT 2016


I have a Keycloak 1.9.8 install that I am trying to reconfigure.

I have a client that tries to authenticate requests to https://lvpalgomi1d.ln.jefco.com:8443/synchronicity/*

I have a SAML 2.0 identity provider configured against PingFederate. The redirect URI is http://lvpalgomi1d.ln.jefco.com:8180/auth/realms/Algomi/broker/pingfederate_saml/endpoint

When I enter https://lvpalgomi1d.ln.jefco.com:8443/synchronicity/login.jsp into a web browser I end up at http://lvpalgomi1d.ln.jefco.com:8180/auth/realms/Algomi/broker/pingfederate_saml/endpoint which is not what I intend - I would like to be validated and then redirected back to the original location.

Is there another step to redirect the browser back to the original URL?

I am picking up this task from a colleague who moved on. I have tried reading the server-administration-guide but it does not seem to be helping with this problem.

How do I diagnose the issue? What settings do I need to check?

There are also a couple of LDAP providers set up under User Federation. I don't know whether they are needed - I think they were previously used to authenticate against LDAP but the users are looking for silent/pass-through authentication.

Actually, while I'm here, will SAML 2.0 even support Integrated Windows Authentication that I am supposed to be implementing, or must I use Kerberos to achieve that?

Many thanks,
Sarah
