Open beffe123 opened 4 years ago
That's because this oidc
plugin works with lua-resty-openidc
lib, it also uses lua-resty-session
directly. You can add manually the sessionConfig parameters in the schema.lua and update the authenticate method:
local res, err = require("resty.openidc").authenticate(oidcConfig, nil, nil, sessionConfig)
One more thing, the kong-session plugin is based on lua-resty-session
too, so you will have the same functionality, but u will need to implement. I think the kong plugin is exclusively meant for work with the enterprise plugins.
Hi guys! I've had a hard time to make the OIDC plugin work with my Kong setup (on AWS EKS) Thanks to https://github.com/nokia/kong-oidc/issues/123, setting the session secrect for both Kong and the OIDC plugin finally did the trick. (I also raised the large_client_header_buffers to "8 24k")
Although everything is working fine now I am a little bit concerned if the cookie header size might be an issue in the future.
So my question is, would it be possible to use the Kong Session plugin (https://docs.konghq.com/hub/kong-inc/session/) with the database as a session storage instead of cookies? I've activated the session plugin globally but the OIDC plugin still uses its own session cookies.
Thanks, Stephan