rootUri + OIDC single sign-on

Question

rootUri + OIDC single sign-on

Closed this issue 8 months ago · 2 comments

Describe the bug
We are running CloudBeaver EE under a rootURI subpath (/cloudbeaver) and have configured CloudBeaver EE to use OIDC single-sign-on.

We are having an issue where, if we set the rootURI to /cloudbeaver and the server URL to my.domain.com/cloudbeaver, the resulting OIDC signon URL duplicates the rootURI. (/cloudbeaver/cloudbeaver/api/openid/provider/signon)

If I set rootURI to /cloudbeaver and the server URL to just the domain (my.domain.com), the SSO flow works, but the redirect URL to sso.html does not contain the rootURI. (my.domain.com/sso.html versus my.domain.com/cloudbeaver/sso.html). So, after a successful login, the login window remains open and redirects to another site at the root of our domain.

AS #371793
conf.txt
runtime.txt
error screenshot
logs
slack thread

possible solution from @alexander-skoblikov
add this to plugins section of runtime

{
....
"app": {
....
"plugins": {
.....
"openid": {
"signon-finish-uri": "/cloudbeaver/sso.html",
"signout-finish-uri": "/cloudbeaver/sso.html"
}
}
}

antdbv commented 8 months ago

Jira task

Answer 1 · 2024-08-23T09:29:38.000Z

We will use Jira task, thank you