OIDC Relative Path Support for httpd #3562
Milestone
Comments
|
I believe this issue has already been resolved: https://github.com/OSC/ondemand/blob/master/ood-portal-generator/templates/ood-portal.conf.erb#L134 But, as far as I know, the changes are not yet available in a release. |
|
Yes that's correct. It's been fixed and is being backported to 3.1 in #3548 . |
|
Oh, sweet! Sorry for the duplicate, shame on me for not looking hard enough for a similar issue. Thanks! I look forward to the backport. |
No problem at all! It was a very recent addition, so if you'd been a month or so earlier, you'd have gotten there. Thanks for opening the ticket! It never hurts to ask. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
By default, configuring OIDC in
ood_portal.ymlgenerates an absolute path for the OIDC redirect URI in the resultinghttpdconfiguration file.For example:
This works fine in most circumstances, however if one or more server aliases are also specified, then OIDC doesn't work correctly for the alias URLs, since only one URL is populated for the
OIDCRedirectURIfield in thehttpdconfig.Removing the fqdn (
OIDCRedirectURI /oidc) fixes this.mod_auth_openidchas supported relative paths since 2017 (relevant PR here: OpenIDC/mod_auth_openidc#259).Could we add a configuration option to generate relative paths for the
OIDCRedirectURIoption inood-portal.yml? This would grant better support for multiple server aliases.The text was updated successfully, but these errors were encountered: