Keycloak and cBioportal
234 views
Skip to first unread message
Jamie O'CONNOR
Dec 16, 2021, 1:22:56 PM12/16/21
to cbiop...@googlegroups.com
Hi,
I'm currently trying to set up keycloak with cbioportal, and I'm running
into some issues with reverse proxying the keycloak part of the
authentication process.
I've installed both kc and bioportal with docker as per the
instructions, and I'm using nginx as my web server. My reverse proxy
config looks like this:
server {
listen 80;
server_name cbioportal.domain;
location / {
proxy_pass http://localhost:8180;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
location /data {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
}
When I point my browser at cbioportal.domain/data, it redirects to
cbioportal.domain, and I get a keycloak 404 message. I've defined this
address in the portal.properties file, using the
saml.sp.metadata.entitybaseurl directive. The addresses are in my
/etc/hosts file for testing purposes. The 404 is at an address ending
"saml/discovery?entityID=cbioportal&returnIDParam=idp".
Is there some part of the necessary configuration for this I'm missing?
Thanks in advance for any pointers.
Thanks,
Jamie O'Connor
I'm currently trying to set up keycloak with cbioportal, and I'm running
into some issues with reverse proxying the keycloak part of the
authentication process.
I've installed both kc and bioportal with docker as per the
instructions, and I'm using nginx as my web server. My reverse proxy
config looks like this:
server {
listen 80;
server_name cbioportal.domain;
location / {
proxy_pass http://localhost:8180;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
location /data {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
}
When I point my browser at cbioportal.domain/data, it redirects to
cbioportal.domain, and I get a keycloak 404 message. I've defined this
address in the portal.properties file, using the
saml.sp.metadata.entitybaseurl directive. The addresses are in my
/etc/hosts file for testing purposes. The 404 is at an address ending
"saml/discovery?entityID=cbioportal&returnIDParam=idp".
Is there some part of the necessary configuration for this I'm missing?
Thanks in advance for any pointers.
Thanks,
Jamie O'Connor
Benjamin Gross
Dec 17, 2021, 10:54:25 AM12/17/21
to Jamie O'CONNOR, cbiop...@googlegroups.com
Hi Jamie,
For starters, I think you need to instruct the web-app runner that there is a proxy server sitting in front of it.
You can see an example of this here:
https://github.com/heroku/webapp-runner#using-tomcat-behind-a-reverse-proxy-server
You will have to update the webapp-runner command line in the docker compose file:
https://github.com/cBioPortal/cbioportal-docker-compose/blob/master/docker-compose.yml#L20
Let us know if this fixes it.
Best,
Benjamin
> --
> You received this message because you are subscribed to the Google Groups "cBioPortal for Cancer Genomics Discussion Group" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to cbioportal+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/DB3PR0402MB3881212927F7502E05F42776C4779%40DB3PR0402MB3881.eurprd04.prod.outlook.com.
For starters, I think you need to instruct the web-app runner that there is a proxy server sitting in front of it.
You can see an example of this here:
https://github.com/heroku/webapp-runner#using-tomcat-behind-a-reverse-proxy-server
You will have to update the webapp-runner command line in the docker compose file:
https://github.com/cBioPortal/cbioportal-docker-compose/blob/master/docker-compose.yml#L20
Let us know if this fixes it.
Best,
Benjamin
> You received this message because you are subscribed to the Google Groups "cBioPortal for Cancer Genomics Discussion Group" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to cbioportal+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/DB3PR0402MB3881212927F7502E05F42776C4779%40DB3PR0402MB3881.eurprd04.prod.outlook.com.
Reply all
Reply to author
Forward
0 new messages