问题
I'm running WSO2 5.7.0, using OIDC with the Implicit Flow. I have set the context root to wso2-is, so the authorize endpoint is located at http://MY_DOMAIN/wso2-is/oauth2/authorize. When I begin the flow with a GET call to the oauth2/authorizeendpoint, I am redirected to http://MY_DOMAIN/authenticationendpoint/login.do?client_id=MY_CLIENT_ID&commonAuthCallerPath=%2Foauth2%2Fauthorize....
The problem is that it drops the context root and so later in the Implicit Flow I am (incorrectly) redirected to http://MY_DOMAIN/oauth2/authorize, which fails because that URL lacks the context root of wso2-is. How/where in the code is the commonAuthCallerPath parameter set?
回答1:
As per the official documentation, using a reverse proxy is the recommended way to add a custom context path to wso2 products.
If you are not going to use a reverse proxy, I would suggest the following steps to add a custom context path. But, note that I have tested basic authentication with oauth2/oidc only.
- Set
WebContextRootinrepository/conf/carbon.xmlto/wso2-isto change the context path of the carbon management console - Set
ProxyContextPathinrepository/conf/carbon.xmlto/wso2-is - Rename
oauth2.warandauthenticationendpoint.warinrepository/deployment/server/webapps/by adding a prefixwso2-is# Update
repository/conf/indeitiy/identity.xmlall the relevent instances of the following pattern by adding the context path/wso2-isafter the port${carbon.protocol}://${carbon.host}:${carbon.management.port}/xxxxxto${carbon.protocol}://${carbon.host}:${carbon.management.port}/wso2-is/xxxxxUpdate
AuthenticationEndpointURL,AuthenticationEndpointRetryURLandAuthenticationEndpointMissingClaimsURLvalues inrepository/conf/identity/application-authentication.xmlby adding/wso2-isprefixRestart the Identity Server
Do not forget that, this is not the recommended way in the documentation.
来源:https://stackoverflow.com/questions/54989255/wso2-is-how-to-set-commonauth-caller-path