HELP! OpenID Connect Keycloak-XNAT HTTPS error

27 views
Skip to first unread message

Matteo Riva

unread,
Nov 16, 2022, 5:21:55 AM11/16/22
to Keycloak Dev
Hello everyone,

This time I am really desperate! Can you help me please?
Here I explain the issue and I guess it is an HTTPS problem, since with HTTP I had the same setting, but all was working properly.

When I try to login from this page (Figure 1)
login_keycloak.JPG
And I insert the credentials, I get this (Figure 2):

nologin_xnat.JPG

KEYCLOAK SIDE (XNAT BUTTON, Figure 1):

</div>
<p></p>
<div class="row-xnat-redcap" style="display:flex">
        <a href="https://xnaturl.it/openid-login?providerId=xnat-keycloak-client">
<img src="https://www.xnat.org/images/XNAT-logo-980.png" style="height:85px; width:210px;" id="xnat" class="button1" align="left" />
</a>

KEYCLOAK SIDE (ADMIN):
keycloak_setting1.JPG
keycloak_setting2.JPG
myurl.JPG
XNAT SIDE (OPENID CONNECT PLUGIN, Figure 2)

auth.method=openid
type=openid
provider.id=xnat-keycloak-client
visible=true
auto.enabled=false
auto.verified=false
name=OpenID Authentication Provider
disableUsernamePasswordLogin=false
enabled=xnat-keycloak-client
siteUrl=https://xnaturl.it
preEstablishedRedirUri=/openid-login

openid.xnat-keycloak-client.clientId=xnat-keycloak-client
openid.xnat-keycloak-client.clientSecret=*********************************
openid.xnat-keycloak-client.accessTokenUri=https://keycloakurl.it/auth/realms/redcap-xnat-keycloak/protocol/openid-connect/token
openid.xnat-keycloak-client.userAuthUri=https://keycloakurl.it/auth/realms/redcap-xnat-keycloak/protocol/openid-connect/auth
openid.xnat-keycloak-client.userInfoUri=https://keycloakurl.it/auth/realms/redcap-xnat-keycloak/protocol/openid-connect/userinfo
openid.xnat-keycloak-client.pkceEnabled=false
openid.xnat-keycloak-client.scopes=openid,profile,offline_access,address,email,phone,roles,microprofile-jwt,web-origins
openid.xnat-keycloak-client.link=<p>To sign-in using your Keycloak credentials, please click on the button below.</p><p><a href="/openid-login?providerId=xnat-keycloak-client"><img src="/images/keycloak.png" style="max-width: 200px;" /></a></p>
openid.xnat-keycloak-client.shouldFilterEmailDomains=false
openid.xnat-keycloak-client.forceUserCreate=true
openid.xnat-keycloak-client.userAutoEnabled=false
openid.xnat-keycloak-client.userAutoVerified=false
openid.xnat-keycloak-client.emailProperty=email
openid.xnat-keycloak-client.givenNameProperty=given_name
openid.xnat-keycloak-client.familyNameProperty=family_name

I DO NOT REALLY KNOW WHAT IS WRONG...

Thank you so much in advance.
Cheers,

Matteo
Reply all
Reply to author
Forward
0 new messages