Open nullmonk opened 8 months ago
@micahjmartin, that may happen when you use http.
Also, read up on delayed start in the docs. You may want to add that directive.
If you do use http, please see cookie insecure directive.
> @micahjmartin, that may happen when you use http.
There shouldn't be any http requests, setting KC_HOSTNAME_URL overrides all the URLs in openid-configuration to be HTTPS, which are then passed to the browser. I can confirm too that the browser is using HTTPS when it is hitting both keycloak and caddy. The only reason metadata_url is hitting the private route is because the certificates are self-signed by caddy and the client used to collect the metadata_url does not trust the caddy certificate.
> Also, read up on delayed start in the docs. You may want to add that directive.
I have a delay_start 2 in my Caddyfile above, sorry the indentation was messed up
After successfully getting a login from an OAuth2 authentication server, the security plugin is immediately issuing a redirect back to login. This prevents the user from ever seeing pages despite having a valid AUTHP_SESSION_ID