Implementation of this mod in a server to server environment #1028
Replies: 2 comments 1 reply
mod_oauth2 is suited for that use case https://github.com/zmartzone/mod_oauth2
The bearer token is received from Apache, but it seems there is some crypto error, so maybe I still have to configure something:
Hi to all, I've implemented this mod, authenticating Apache users against a Keycloak environment.
The user is redirected to the Keycloak login page (if not already authenticated) and after this the module can correctly intercept the JWT token to authenticate the users.
I wonder how it can work in the case of direct conversation between two servers. I'll try to explain myself better.
I have a server A that will send a request to an Apache reverse proxy B with this mod installed; the request will be populated with the Authorization header containing the bearer token. In this case, is the mod able to intercept the header and proceed with the authentication and possibly with the extraction of the claims? I tried, but the server is redirected to the Keycloak login page even though I have a valid bearer token in the Authorization header.
Making the request from a browser, and then with a valid Keycloak cookie, the Apache reverse proxy with the mod instead works correctly.
It seems that the Authorization header is not correctly read by Apache with the mod; otherwise, passing through the Keycloak authentication, the Authorization header created by the Keycloak server is read correctly.
Any idea?
Thanks!
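As an added example (not taken from the thread or from the mod_oauth2 project), this is how reverse proxy B could validate the bearer token sent by server A with the mod_oauth2 module suggested in the reply, returning an authorization error instead of a login redirect when the token is missing or invalid. The hostnames, realm name, path and backend are placeholders, and mod_oauth2 is assumed to be already loaded.

```apache
# Added example: all host names, the realm and the backend URL are placeholders.
<Location "/api">
    # Act as an OAuth 2.0 resource server: no browser redirect,
    # the request must carry "Authorization: Bearer <token>".
    AuthType oauth2

    # Verify the JWT signature against the signing keys published by the
    # Keycloak realm (placeholder URL; older Keycloak versions prefix /auth).
    OAuth2TokenVerify jwks_uri https://keycloak.example.com/realms/EXAMPLE-REALM/protocol/openid-connect/certs

    # Reject requests whose token fails verification.
    Require valid-user

    # Forward authenticated requests to the protected backend (placeholder).
    ProxyPass        http://backend.internal.example:8080/api
    ProxyPassReverse http://backend.internal.example:8080/api
</Location>
```

The `jwks_uri` must be fetched over TLS with certificate validation left on, since the keys it returns decide which tokens the proxy trusts.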