Unable to redirect back to application page after keycloak login

[Meghana B Srinath]

I have deployed the OIDC provider-keycloak in a k8s cluster and it is exposed as a load balancer.
I'm using this along with Istio to redirect back to my application after successful login in keycloak.
The application is accessible at

https://<istio-ingressgateway-ip>/hello

When I hit

https://<istio-ingressgateway-ip>/hello

it is correctly re-directing me to Keycloak login page at

https://<keycloak-ip>/auth/realms/<realm-name>/protocol/openid-connect/auth

However, after entering the username and password for the user, I'm not able to get the redirection back to my application at

https://<istio-ingressgateway-ip>/hello

I think the user set up is correct as I'm successfully able to login to the keycloak user console at

http://<keycloak-ip>/auth/realms/<realm-name>/account

I have configured the below values as the 'valid redirect URIs' in keycloak client:

https://<istio-ingressgateway-ip>
https://<istio-ingressgateway-ip>/hello/oauth/callback
https://<istio-ingressgateway-ip>/*
https://<keycloak-ip>/auth/realms/<realm-name>/protocol/openid-connect/auth/oauth/callback
https://<keycloak-ip>/auth/realms/<realm-name>/protocol/openid-connect/auth

Can please someone let me know what is missing here for the redirection.

[naren]

Hi Team,

For me also got similar error, after successful login i got below error and unable to redirect the app page.

 

This site can’t be reached

The web page at https://jaeger-query-secure.hostname.com:0/?state=0564e43f-25fd-4a41-92de-406c0aa2d354&session_state=0efd9378-2497-b83e-aa5f64047022&code=3f52d963-5059-807f-5b7be119444d.0efd9378-2497-4f75-b83e-aa5f64047022.4a7bb093-522b-4639-5224166d900e might be temporarily down or it may have moved permanently to a new web address.

ERR_ADDRESS_INVALID

• keycloak-server image: jboss/keycloak:4.8.3.Final Expose http service only but we have add certs cluster wise. So we have the server access via secure (https://keycloak.hostname.com)
• keycloak-proxy image: jboss/keycloak-proxy:4.3.0.Final  We have access the app via secure(https://app.hostname.com)

[Bruno Oliveira]

Is the outcome the same when you try it with the latest releases?

On 2020-07-13, naren wrote:
>Hi Team,
>
>For me also got similar error, after successful login i got below error and
>unable to redirect the app page.
> This site can’t be reached
>
>The web page at

>*https://jaeger-query-secure.hostname.com:0/?state=0564e43f-25fd-4a41-92de-406c0aa2d354&session_state=0efd9378-2497-b83e-aa5f64047022&code=3f52d963-5059-807f-5b7be119444d.0efd9378-2497-4f75-b83e-aa5f64047022.4a7bb093-522b-4639-5224166d900e* might

>be temporarily down or it may have moved permanently to a new web address.
>ERR_ADDRESS_INVALID
>

> - *keycloak-server image: jboss/keycloak:4.8.3.Final* Expose http

> service only but we have add certs cluster wise. So we have the server
> access via secure (https://keycloak.hostname.com)

> - *keycloak-proxy image: jboss/keycloak-proxy:4.3.0.Final * We have

>--
>You received this message because you are subscribed to the Google Groups "Keycloak User" group.
>To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
>To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/ca0df9ca-bd58-43a0-9b0e-6989724f8022o%40googlegroups.com.


--

abstractj