[GitHub] [apisix] haowang-pony removed a comment on issue #5253: request help: Apisix use as apisix ingress controller and integrate with keycloak

[GitBox <gi...@apache.org>]

haowang-pony removed a comment on issue #5253:
URL: https://github.com/apache/apisix/issues/5253#issuecomment-944873149


   I just tried the authz-keycloak, but met the same problem. the request was redirect between apisix and keycloak back and forth. And I checked request cookies already has access-token. 
   
   Here is my config
   ```
   
   apiVersion: apisix.apache.org/v2beta1
   kind: ApisixRoute
   metadata:
     name: httpbin-route
     namespace: ingress-apisix
   spec:
     http:
       - name: httpbin
         match:
           hosts:
           - httpbin.k8s.fr.corp.pony.ai
           paths:
             - /*
         backends:
           - serviceName: httpbin
             servicePort: 80
         plugins:
           - name: authz-keycloak
             enable: true
             config:
                 client_id: apisix
                 client_secret: ""
                 discovery: ***/.well-known/openid-configuration
                 policy_enforcement_mode: PERMISSIVE
   ```
   
   I'm wondering the authz-keycloak and openid-connect plugin only check the access-token in header but failed to check the access token in cookie. Because if I set the access-token into request header, the workflow works very well.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org