You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/10/17 00:39:09 UTC
[GitHub] [apisix] haowang-pony removed a comment on issue #5253: request help: Apisix use as apisix ingress controller and integrate with keycloak
haowang-pony removed a comment on issue #5253:
URL: https://github.com/apache/apisix/issues/5253#issuecomment-944873149
I just tried the authz-keycloak, but met the same problem. the request was redirect between apisix and keycloak back and forth. And I checked request cookies already has access-token.
Here is my config
```
apiVersion: apisix.apache.org/v2beta1
kind: ApisixRoute
metadata:
name: httpbin-route
namespace: ingress-apisix
spec:
http:
- name: httpbin
match:
hosts:
- httpbin.k8s.fr.corp.pony.ai
paths:
- /*
backends:
- serviceName: httpbin
servicePort: 80
plugins:
- name: authz-keycloak
enable: true
config:
client_id: apisix
client_secret: ""
discovery: ***/.well-known/openid-configuration
policy_enforcement_mode: PERMISSIVE
```
I'm wondering the authz-keycloak and openid-connect plugin only check the access-token in header but failed to check the access token in cookie. Because if I set the access-token into request header, the workflow works very well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org