OSC / ondemand

Supercomputing. Seamlessly. Open, Interactive HPC Via the Web
https://openondemand.org/
MIT License

OIDC Relative Path Support for httpd #3562

Closed jarulsamy closed 1 month ago

jarulsamy commented 1 month ago

By default, configuring OIDC in ood_portal.yml generates an absolute path for the OIDC redirect URI in the resulting httpd configuration file. For example:

# /etc/ood/config/ood_portal.yml
. . .
oidc_uri: "/oidc"
. . .

# /etc/httpd/conf.d/ood-portal.conf
. . .
OIDCRedirectURI https://<fqdn>/oidc
. . .

This works fine in most circumstances; however, if one or more server aliases are also specified, then OIDC doesn't work correctly for the alias URLs, since only one URL is populated for the OIDCRedirectURI field in the httpd config.

Removing the fqdn (OIDCRedirectURI /oidc) fixes this. mod_auth_openidc has supported relative paths since 2017 (relevant PR here: https://github.com/OpenIDC/mod_auth_openidc/pull/259).

Could we add a configuration option to generate relative paths for the OIDCRedirectURI option in ood-portal.yml? This would grant better support for multiple server aliases.
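
An added example (not part of the issue or of Open OnDemand's own code) of checking a generated httpd config for the problem described above: it lists the ServerName/ServerAlias hosts that an absolute OIDCRedirectURI does not cover. The sample config and its hostnames are constructed, the helper names are hypothetical, and matching is by exact hostname only.

```ruby
require "uri"

# Constructed sample of a generated vhost (hostnames are placeholders).
SAMPLE_CONF = <<~CONF
  <VirtualHost *:443>
    ServerName ondemand.example.edu
    ServerAlias ood.example.edu portal.example.edu
    OIDCRedirectURI https://ondemand.example.edu/oidc
  </VirtualHost>
CONF

# Collect the hostnames the vhost answers to and its OIDCRedirectURI value.
def parse_vhost(conf)
  hosts = []
  redirect = nil
  conf.each_line do |line|
    directive, *args = line.sub(/#.*/, "").split
    next if directive.nil?
    case directive.downcase
    when "servername", "serveralias" then hosts.concat(args.map(&:downcase))
    when "oidcredirecturi" then redirect = args.first
    end
  end
  [hosts.uniq, redirect]
end

# For each hostname, report whether the OIDC callback stays on the host the
# user logged in through. A relative redirect URI is resolved against the
# request host, so it covers every name; an absolute one covers only its own.
def redirect_coverage(conf)
  hosts, redirect = parse_vhost(conf)
  raise ArgumentError, "no OIDCRedirectURI found" if redirect.nil?
  return hosts.to_h { |h| [h, true] } if redirect.start_with?("/")

  pinned = URI.parse(redirect).host.to_s.downcase
  hosts.to_h { |h| [h, h == pinned] }
end

# Hostnames whose logins would be sent to a different host's callback.
def uncovered_hosts(conf)
  redirect_coverage(conf).reject { |_, ok| ok }.keys
end

if __FILE__ == $PROGRAM_NAME
  puts "absolute: uncovered = #{uncovered_hosts(SAMPLE_CONF).inspect}"
  relative = SAMPLE_CONF.sub("https://ondemand.example.edu/oidc", "/oidc")
  puts "relative: uncovered = #{uncovered_hosts(relative).inspect}"
end
```

With a relative value, the callback URL for each alias still has to be registered as a redirect URI at the identity provider.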

abujeda commented 1 month ago

I believe this issue has already been resolved: https://github.com/OSC/ondemand/pull/3448

https://github.com/OSC/ondemand/blob/master/ood-portal-generator/templates/ood-portal.conf.erb#L134

But, as far as I know, the changes are not yet available in a release.

johrstrom commented 1 month ago

Yes, that's correct. It's been fixed and is being backported to 3.1 in #3548.

jarulsamy commented 1 month ago

Oh, sweet! Sorry for the duplicate, shame on me for not looking hard enough for a similar issue.

Thanks! I look forward to the backport.

johrstrom commented 1 month ago

> Oh, sweet! Sorry for the duplicate, shame on me for not looking hard enough for a similar issue.

No problem at all! It was a very recent addition, so if you'd been a month or so earlier, you'd have gotten there.

Thanks for opening the ticket! It never hurts to ask.