WSO2 IS:如何设置 Commonauth 调用者路径 [英] WSO2 IS: How to Set Commonauth Caller Path

问题描述

我正在运行 WSO2 5.7.0，使用带有隐式流的 OIDC.我已将上下文根设置为 wso2-is，因此授权端点位于 http://MY_DOMAIN/wso2-is/oauth2/authorize.当我通过对 oauth2/authorize 端点的 GET 调用开始流程时，我被重定向到 http://MY_DOMAIN/authenticationendpoint/login.do?client_id=MY_CLIENT_ID&commonAuthCallerPath=%2Foauth2%2F 授权....

I'm running WSO2 5.7.0, using OIDC with the Implicit Flow. I have set the context root to wso2-is, so the authorize endpoint is located at http://MY_DOMAIN/wso2-is/oauth2/authorize. When I begin the flow with a GET call to the oauth2/authorizeendpoint, I am redirected to http://MY_DOMAIN/authenticationendpoint/login.do?client_id=MY_CLIENT_ID&commonAuthCallerPath=%2Foauth2%2Fauthorize....

问题是它删除了上下文根，因此稍后在隐式流中我(错误地)重定向到 http://MY_DOMAIN/oauth2/authorize，这失败了，因为该 URL 缺少wso2-is 的上下文根.commonAuthCallerPath 参数集如何/在代码中的位置?

The problem is that it drops the context root and so later in the Implicit Flow I am (incorrectly) redirected to http://MY_DOMAIN/oauth2/authorize, which fails because that URL lacks the context root of wso2-is. How/where in the code is the commonAuthCallerPath parameter set?

推荐答案

根据 官方文档，使用反向代理是向 wso2 产品添加自定义上下文路径的推荐方法.

As per the official documentation, using a reverse proxy is the recommended way to add a custom context path to wso2 products.

如果您不打算使用反向代理，我建议您按照以下步骤添加自定义上下文路径.但是，请注意，我仅使用 oauth2/oidc 测试了基本身份验证.

If you are not going to use a reverse proxy, I would suggest the following steps to add a custom context path. But, note that I have tested basic authentication with oauth2/oidc only.

1. 将repository/conf/carbon.xml中的WebContextRoot设置为/wso2-is以改变carbon管理控制台的上下文路径
2. 将repository/conf/carbon.xml中的ProxyContextPath设置为/wso2-is
3. 通过添加前缀 wso2- 重命名 repository/deployment/server/webapps/ 中的 oauth2.war 和 authenticationendpoint.war是#

4. 更新 repository/conf/indeitiy/identity.xml 通过在端口后添加上下文路径 /wso2-is 以下模式的所有相关实例${carbon.protocol}://${carbon.host}:${carbon.management.port}/xxxxx到${carbon.protocol}://${carbon.host}:${carbon.management.port}/wso2-is/xxxxx

1. Set WebContextRoot in repository/conf/carbon.xml to /wso2-is to change the context path of the carbon management console
2. Set ProxyContextPath in repository/conf/carbon.xml to /wso2-is
3. Rename oauth2.war and authenticationendpoint.war in repository/deployment/server/webapps/ by adding a prefix wso2-is#

4. Update repository/conf/indeitiy/identity.xml all the relevent instances of the following pattern by adding the context path /wso2-is after the port ${carbon.protocol}://${carbon.host}:${carbon.management.port}/xxxxx to ${carbon.protocol}://${carbon.host}:${carbon.management.port}/wso2-is/xxxxx

更新 repository/conf/identity/application-authentication.xml 中的 AuthenticationEndpointURL、AuthenticationEndpointRetryURL 和 AuthenticationEndpointMissingClaimsURL 值 通过添加 /wso2-is 前缀

Update AuthenticationEndpointURL, AuthenticationEndpointRetryURL and AuthenticationEndpointMissingClaimsURL values in repository/conf/identity/application-authentication.xml by adding /wso2-is prefix

重启身份服务器

不要忘记，这不是 文档.

这篇关于WSO2 IS:如何设置 Commonauth 调用者路径的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！