Status: Closed
Resolution: Out of Date
Affects Version/s: 3.4.3.Final
Fix Version/s: None
Component/s: Adapter - JEE
Steps to Reproduce:
- Open the application
- The application sees that the user is not logged in, and the user is thus redirected to the SSO login page
- User logs in with the user name and password
- The page redirects after successful authentication
- The request fails as the redirect url has port 0 in it
Docs QE Status: NEW
We have a JSP + MVC server based application deployed on JBoss which we are integrating with Keycloak to enable SSO.
For this we installed the adapter on JBoss and configured the application using keycloak.json and the web.xml auth method change.
However, after changing the application, when we deploy it and validate the changes, we see a weird redirect_uri:
DEBUG [org.keycloak.adapters.OAuthRequestAuthenticator] Sending redirect to login page: https://sso.qa.xx.com/auth/realms/xx-external/protocol/openid-connect/auth?response_type=code&client_id=https%3A%2F%2Fwww.qa.xx.com%2Fwapps%2Fyyyy-oidc&redirect_uri=https%3A%2F%2Fwww.qa.xx.com%3A0%2Fwapps%2Fyyyy%2Fprotected%2Flist.html&state=5dd95daa-9854-47e5-8912-46d5d7fbb8c1&login=true&scope=openid
If you look closely, port 0 is being added, and hence the whole URL becomes wrong and the login flow fails.
I am analyzing the code to see why this is happening, but wanted to raise this as an incident as I feel that the port conditions are not handling all the cases correctly.
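
A check for the symptom reported above, as an added example that is not part of the original report or of Keycloak's code: it extracts redirect_uri from the adapter's debug line and flags an explicit port 0 or an unparsable port. The sample log line, host names and function names are constructed for illustration, and the cleaned URI assumes the scheme's default port was intended.

```python
import re
from urllib.parse import parse_qs, urlsplit, urlunsplit

# Constructed sample modelled on the debug line in the report; hosts are placeholders.
SAMPLE_LOG = (
    "DEBUG [org.keycloak.adapters.OAuthRequestAuthenticator] "
    "Sending redirect to login page: "
    "https://sso.example.test/auth/realms/demo/protocol/openid-connect/auth"
    "?response_type=code&client_id=demo-app"
    "&redirect_uri=https%3A%2F%2Fwww.example.test%3A0%2Fapp%2Fprotected%2Flist.html"
    "&state=00000000-0000-0000-0000-000000000000&login=true&scope=openid"
)
DEFAULT_PORTS = {"http": 80, "https": 443}
LOGIN_URL = re.compile(r"Sending redirect to login page:\s*(\S+)")


def extract_redirect_uri(log_line):
    """Return the percent-decoded redirect_uri from an adapter debug line, or None."""
    match = LOGIN_URL.search(log_line)
    if not match:
        return None
    values = parse_qs(urlsplit(match.group(1)).query).get("redirect_uri")
    return values[0] if values else None


def check_redirect_uri(uri):
    """Return (problems, cleaned_uri) for a decoded redirect_uri.

    cleaned_uri drops a port that is 0, unparsable or the scheme default; that the
    scheme default was intended is an assumption of this example.
    """
    parts = urlsplit(uri)
    problems = []
    try:
        port = parts.port  # raises ValueError for non-numeric or out-of-range ports
    except ValueError:
        port = None
        problems.append("port is not a valid number")
    if port == 0:
        problems.append("explicit port 0")
    host = parts.hostname or ""
    if ":" in host:  # IPv6 literal: urlsplit strips the brackets, put them back
        host = f"[{host}]"
    if port and port != DEFAULT_PORTS.get(parts.scheme):
        host = f"{host}:{port}"
    return problems, urlunsplit((parts.scheme, host, parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    found = extract_redirect_uri(SAMPLE_LOG)
    print(found, check_redirect_uri(found))
```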