apiman
Replies: 1 comment
-
|
Could this be that you need to configure On KC |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
SETUP
Apiman version : 2.2.0.Final
Keycloak version : 15.1.1
Environment
Manager platform : Wildfly
Gateway platform : Wildfly
Description :
Hello,
We would like to have more information on APIMAN and keycloak exchange because we ran into a problem with the authentication of the manager APIMAN.
Simplified architecture of our application :
reverse-proxy <> APIMAN manager (keycloak on the same server).
The process is as follows :
When you connect to the APIMAN manager interface (API configuration administration console), a request is sent to keycloak, APIMAN retrieves the information with the OIDC protocol (the .well-known/openid-configuration file).
Screenshots
When the APIMAN manager retrieves its information, the manager's IP address is displayed on the client's manager authentication page and not the reverse-proxy IP address (this is not acceptable in terms of security).
Screenshots
How can we configure the APIMAN manager so that the client sees the reverse-proxy address ?
Test :
We tested to change the configuration of the standalone-apiman.xml file with the IP address of the reverse proxy :
Attribute : env:APIMAN_AUTH_URL
Screenshots
Expected behaviour
The connection URL to the APIMAN manager should be :
https://DNS_REVERSE_PROXY/auth/realms/apiman/protocol/openid-connect/...
Could you please help us on this matter?
Thank you for your help and collaboration,
Sincerely.
Jrad Yassine
Beta Was this translation helpful? Give feedback.
All reactions