search

qwc-services / qwc-db-auth

QWC authentication service based on local user DB
MIT License
0 stars 13 forks source link

using as standalone service #10

Closed lassitanskanen closed 1 year ago

lassitanskanen commented 3 years ago

Hi, There might be issue after login process when auth service redirect back web map viewer.

When running db-auth service in different port than web map viewer, the redirect will not work after login. For some reason the beginning of the url parameter url is cutting off and target_url will use db auth service beginning.

Screenshot 2021-09-19 at 21 16 31

However, there is no issue when using with api gateway the origin is same than there is no issue.. :D

pka commented 2 years ago

Cutting off the host part of the redirection URL was requested by an external security audit. So this is an unfortunate side effect when using qwc-services as standalone services. Good ideas welcome...