kasmtech / workspaces-issues


redirect URL with IP address instead of domain name #552

Closed Chrishan68 closed 1 month ago

Chrishan68 commented 1 month ago

Dear all,

I set up my Kasm community edition on Ubuntu 22, which is running on a Hyper-V server. Everything is working fine, but when I set up Authelia with OpenID to connect to Kasm, I am redirected from the domain name with a certificate to my local IP address. The error is:

https://192.168.xxx.xxx/api/oidc_callback?error=unsupported_response_type&error_description=The+authorization+server+does+not+support+obtaining+a+token+using+this+method.+The+client+is+not+allowed+to+request+response_type+%27code%27.&state=d497e5xbe78xxd94a4790c5862ba0b327ac%3AZnsX8mJRubmWGxxxxVGBWznYd75Qix

If I accept the warning and the risk I get "internal error".

My assumption is that I have to change the redirect URL in Kasm OpenID to my domain name. But the field is locked and I cannot change it.

Any ideas how I can change this or solve this problem?

Thanks

j-travis commented 1 month ago

You likely will need to re-create the OIDC config while logged into your deployment via the domain name instead of the ip address.

This issue is fixed for the next version of Kasm. That field will be editable by the admin.

Chrishan68 commented 1 month ago

Thanks, I was able to fix this but it is still not working.

I implemented an LDAP connection from Authelia to my Active Directory (all) and even in Kasm (one Kasm group). So login in Authelia is working, and the redirect also, until [image]. If I accept this I again get an internal error with this link:

https://kasm.mydomain.com/api/oidc_callback?code=authelia_ac_SYCprrTESZjw22GhjwjJ0Uusdgfsgfgsjhkö456536YSqADd8.nGjXlMTiySe8tB49r0CAb_CCQ1t4MfzHzjioO_qR3WY&scope=openid+email&state=d497e5be78d94a4790c586t7cbztudbrerrtw%3AuRIbjXRxzDJGijPfgsRMupN1mwmcfVIyV

I cannot find any errors in the Kasm log, and in Authelia this one:

msg= Unable to perform OpenID Connect Consent for user 'user' and client id 'kasm': the client is using the explicit consent mode and this consent session has already been responded to path= /api/oidc/consent

Any further ideas to solve this? Maybe there is a step-by-step guide how to install this ;-)

thanks!

j-travis commented 1 month ago

Someone in the community created a guide. Perhaps this works? https://www.authelia.com/integration/openid-connect/kasm-workspaces/

Chrishan68 commented 1 month ago

Thanks, but this is the guide I already found and set up. I recreated this again but the error is still the same: internal error after I accepted the request. See picture and link above.

Any other ideas?

Maybe there is another authentication and openID provider which is free and easier to use ;-)

j-travis commented 1 month ago

You need to see what error is produced on the Kasm side. If you log into the UI as an admin, there is a widget on the dashboard that shows an error count; clicking it will take you to the logs. You can also go to the logging widget directly and filter on errors. They take a minute or two to populate here after they happen.

You can also tail the kasm_api container directly.

`sudo docker logs -f --tail 100 kasm_api`, then run the test and see the log entries.

You can also turn on debug mode in the OIDC config, which may show more information.

Chrishan68 commented 1 month ago

The solution is that the Authelia server was not reachable because the entry in my DNS server was missing, and I expected that the request should go to external. DNS and /etc/hosts updated ;-)

Thanks!
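
The two failure stages in this thread can be told apart from the callback URL alone. The following is an added example, not part of the original thread and not Kasm or Authelia code: it classifies a callback as an IdP rejection or an issued code and, in the second case, checks whether the IdP hostname resolves on the machine that must make the token request. The function name, finding codes, hostnames and sample URLs are assumptions constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit, parse_qs


def triage_callback(url, idp_host, resolve=socket.gethostbyname):
    """Classify an OIDC callback URL; returns a list of (code, detail) findings.

    idp_host and resolve are assumptions of this example: the IdP hostname the
    relying party must reach, and a resolver that can be swapped for testing.
    """
    parts = urlsplit(url)
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    findings = []

    # First stage in the thread: redirect URI registered with an IP, not the domain.
    try:
        ipaddress.ip_address(parts.hostname or "")
        findings.append(("redirect_host_is_ip", parts.hostname))
    except ValueError:
        pass  # a hostname, which is what the certificate expects

    if "error" in params:
        # The IdP refused the authorization request (browser-side redirect).
        findings.append(("idp_error", params["error"]))
    elif "code" in params:
        # The browser redirect succeeded. The relying party must now call the
        # IdP's token endpoint itself, so the IdP name has to resolve on that host.
        try:
            resolve(idp_host)
            findings.append(("idp_resolves", idp_host))
        except OSError:  # socket.gaierror is a subclass of OSError
            findings.append(("idp_unresolvable", idp_host))
    else:
        findings.append(("no_code_or_error", parts.query))
    return findings


# Constructed sample callbacks (hostnames and values are placeholders).
ERROR_CALLBACK = ("https://192.168.1.50/api/oidc_callback"
                  "?error=unsupported_response_type&state=abc%3Adef")
CODE_CALLBACK = ("https://kasm.example.com/api/oidc_callback"
                 "?code=sample_code&scope=openid+email&state=abc%3Adef")

if __name__ == "__main__":
    for cb in (ERROR_CALLBACK, CODE_CALLBACK):
        print(triage_callback(cb, "auth.example.com"))
```

Run it on the host or in the container that performs the token exchange, since name resolution there can differ from the browser's.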