Closed RobinAdvens closed 4 months ago
I have a similar problem with version 2.13
The redirection error suggests that the application might be ignoring or incorrectly processing the basePath
or base_redirect_url
after authentication. I don't think we update anything for basePath. For opensearch_security.openid.base_redirect_url
, this is to ensure that after authentication, the user is redirected back to the right base URL, which includes the cluster name.
@opensearch-project/admin could you help us to redirect it to the security team?
Looks like a regression introduced by https://github.com/opensearch-project/security-dashboards-plugin/pull/1563
Taking a look. Also related: https://github.com/opensearch-project/security-dashboards-plugin/issues/1823
[Triage] Hi @RobinAdvens thank you for filing this issue. Looks like #1899 will resolve this issue. We can close this when that PR is merged.
Describe the bug Since I upgraded from 2.11.1 to 2.12.0, I encounter a bug in redirection with openID (keycloak) at the end of authentification process.
Fom https://myUrl.com/clusterName/app/login I click on log in with single sign-on which redirect to https://myUrl.com/clusterName/auth/openid/captureUrlFragment?nextUrl=%2F then at the end of the authentication I'm redirected to https://myUrl.com/ instead of https://myUrl.com/clusterName/
I don't have issue if I tried to connect from an other path, for example if I tried to connect to https://myUrl.com/clusterName/app/home, I'll be redirected to https://myUrl.com/clusterName/app/login?nextUrl=%2FclusterName%2Fapp%2Fhome and then my url for ipd is https://myUrl.com/clusterName/auth/openid/captureUrlFragment?nextUrl=%2FclusterName%2Fapp%2Fhome
When I was in 2.11.1, opensearch was giving me https://myUrl.com/clusterName/auth/openid/login url for keycloack and everything was working perfectly.
I'm using opensearch with opensearch operator on kubernetes.
OpenSearch Version OpenSearch and OpenSearch-dashboard are both in 2.12.0 and 2.13.0 opensearch-operator is in 2.4.0
Additional context Par of my dashboards-config :