[MGNLSSO-207] Validate that Pac4j can work with multi-client configuration Created: 29/Nov/22 Updated: 17/Jan/23 Resolved: 17/Jan/23 |
|
| Status: | Closed |
| Project: | Single Sign On |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Neutral |
| Reporter: | Matt Rajkovic | Assignee: | Nguyen Phung Chi |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Σ Remaining Estimate: | Not Specified | Remaining Estimate: | Not Specified |
| Σ Time Spent: | Not Specified | Time Spent: | Not Specified |
| Σ Original Estimate: | Not Specified | Original Estimate: | Not Specified |
| Issue Links: |
|
||||||||||
| Sub-Tasks: |
|
||||||||||
| Template: |
|
||||||||||
| Acceptance criteria: |
Empty
|
||||||||||
| Task DoR: |
Empty
|
||||||||||
| Date of First Response: | |||||||||||
| Epic Link: | SSO support for custom IdPs | ||||||||||
| Sprint: | AdminX 25, AdminX 26 Xmas & New year, AdminX 27 | ||||||||||
| Story Points: | 3 | ||||||||||
| Team: | |||||||||||
| Work Started: | |||||||||||
| Description |
Goal
|
| Comments |
| Comment by Nguyen Phung Chi [ 17/Jan/23 ] |
|
I've tried to configure the SSO module with two Oidc clients (both are Keycloak running locally with complete different setup and port). So, there are 2 Oidc clients created in the Pac4j config, but it actually works as following:
For reference, please have a look on the link above. In summary, that means SSO module supports multiple clients config (also inspired and support from Pac4j), but in fact Pac4j always get the first indirect client to proceed. Maybe I didn't find the way to make it works, but it shouldn't be so tricky (at least from Pac4j). I think we need to dive in deeper to find out the possibility/solution to support the use case. cc ccantalapiedra, mgeljic , efochr |