-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
help request: Openid-connect - how to diagnose the error page "An error occurred. You can report issue to APISIX Faithfully yours, APISIX." #8452
Comments
any error logs about this in |
Not sure which log I have to look at.
for apisix pod
For apisix-ingress-controller pod
BTW is it correct to have the state in the URL instead of in the authorization header? |
how did you add SSL object to APISIX which sni is It looks like APISIX found an SSL resource with the sni of |
Well, I have also another route (without openid-connect) "www.h.net" that works correctly and when I access this route I see in the apisix logs
without errors Also deleting the openid-connect plugin the "apisix.h.net" route works correctly and in apisix pod log I see
What can I try? |
maybe fix by: #8068 |
help this: #6792 (comment) would works for you |
Thanks. |
We have the similar issue when tried to configure login for kubernetes-dashboard. I've also tested it for simple nginx deployment.
logs:
|
I'll try asap |
same as: #6345? |
Hi @tzssangglass at the times of #6345 I was able to use openid-connect; but I had problems with the "/logout" url. Differences in the two cases:
Have I to try to reproduce the same configuration? |
@tzssangglass Hi! #7334 this actually fixed the issue. after successful sso I saw 500 error ["An error occurred. You can report issue to APISIX Faithfully yours, APISIX."]
|
My mistake. @MirtoBusico It looks like the issue you raised at the beginning of this issue will be resolved by #8068, and if you can verify #8068 works for you, then you can close the issue. @alekskar Please open a new issue to describe your problem. From your error logs, what you describe is not related to this issue. |
Thanks @tzssangglass
Again thanks for your time |
you can try Or you can wait for the next version to be released and then verify it. |
Thanks. I'll wait for the next version. |
Hi @tzssangglass I discovered that the apisix pod cannot communicate with the keycloak server because I'm using a private CA.
In the past i solved this issue adding the CA certificate in the helm chart. I'll redo the test after adding the CA certificate and will post the results in this thread |
Hi @tzssangglass seems that my problem is not related to the CA so I'm trying to use the workaroud in #8068 (comment) If unsuccessful I'll wait for the new release |
Hi @tzssangglass the workaroud in #8068 (comment) worked for me After modifying the values.yaml file as in the workaround I'm able to work with apisix dashboard using these openid-connect plugin settings
I think this issue can be closed |
Hi @MirtoBusico, glad to know that your question has been resolved! If possible,
The community needs such practice content to help user onboarding with APISIX. If you have interest, please cc me to let me know :) |
Hi @MirtoBusico, for your records, there also have a form about our Guest Blogger Program: https://apisix.apache.org/guest-blog-post. You can also have a look for a better understanding of this program. 😉 @EmilyKeer is in charge of this program, she will be glad to help you as well. |
Hi @juzhiyuan and @EmilyKeer thanks for your time. Any help will be greatly appreciated. I started the blog post at https://github.com/MirtoBusico/apisix-website/blob/master/blog/en/blog/2023/01/02/accessing_apisix-dashboard_from_everywhere_with_keycloak_authentication.md And I'm using as model this post https://github.com/MirtoBusico/apisix-website/blob/master/blog/en/blog/2022/07/06/use-keycloak-with-api-gateway-to-secure-apis.md The first help I need is how to manage tables: seems that the markup syntax is not accepted; but the article header is rendered as a table. Any hint on managing tables? Is it preferred to use mail on requesting help on this article? |
Hi @MirtoBusico, do you mean the markdown meta is rendered as a table? It's expected behavior in GitHub :) If you mean tables like this, then you can use this tool to generate table: https://www.tablesgenerator.com/markdown_tables
Sure, no problem :) Just mail me. |
Description
Hi all,
I'm trying to setup a route for apisix dashboard usin openid-connect for authentication; but I receive an error after the keycloak login.
I'm trying to follow this article but the screen ad fields are different from the last apisix and keycloak versions.
When I try to access the apisix dashboard with this URL "https://apisix.h.net" (my home lab internal address) without enabling the openid-connect plugin everything works correctly.
If I enable the openid-connect plugin first I'm redirected to the keycloak login page (the login is correct and I can see the session in keycloak) then I receive the error page saying "An error occurred. You can report issue to APISIX Faithfully yours, APISIX."
The page URL is
The route definition:
The upstream (apisix gateway is of type loadbalancer) is:
What I'm doing wrong?
Environment
apisix version
):uname -a
):openresty -V
ornginx -V
):curl http://127.0.0.1:9090/v1/server_info
):luarocks --version
):The text was updated successfully, but these errors were encountered: