Closed stoeps13 closed 7 months ago
Hi @stoeps13 ,
We tried using the approach you have suggested. We followed below steps and its working fine at our end including RTE. Can you please follow and verify as per below steps:
`
Please let us know if its fixes this issue for you, so we can update the doc accordingly. @caiaga FYI
Hi,
Meanwhile, I tried all possible combinations and gave up (with mapIdentityToRegistryUser and some tweaks, everything worked). I don't think your steps are enough. In my research, it was dependent on j2ee access roles of anonymous and everyone, but in none of my tested combinations RTE and /social work, all the time one of these apps showed an error (without mapIdentitiyToRegistryUser).
There is too much black magic involved, for me, to make this configuration acceptable for productive environments for now.
Maybe you should document the steps in more detail (with all access rights) and add an explanation of how profile mapping is working. As in plenty of deployments access rights are configured with LDAP groups, I'm curious how these mappings work in the end.
But thanks for your update.
Hi,
I gave up on this and will not do further test. Wasted tons of time on this.
Thanks for your update.
Hi, when I configure this like described in: https://github.com/HCL-TECH-SOFTWARE/hclds-keycloak/blob/8b7d76407079caef10c96a165b7973ed550c1e9e/docs/integration/ds-integration/cnx-integration.md?plain=1#L104-L106 I get a loading loop for Highlights and Homepage.
Doing the opposite, deleting
com.ibm.websphere.security.InvokeTAIbeforeSSO
and setcom.ibm.websphere.security.DeferTAItoSSO=com.ibm.ws.security.oidc.client.RelyingParty
, then everything works, except of the RTE widget.So not sure about this setting.
The Ansible project does the same (deleting
InvokeTAIbeforeSSO
) in their script: https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/f23269a34de6c3233941cc1d76b3e395fcfeb899/roles/third_party/ibm/wasnd/was-dmgr-oidc/templates/config_oidc.py.j2#L296-L297Can you please clarify this?
Regards Christoph