I have an application that is secured with Keycloak. When I try to go to my application I get redirected to the login page from Keycloak, but with an error saying 'invalid parameter: redirect_uri'.
When I look at the redirect_uri parameter in the URL, it is indeed not a valid redirect_uri, because the port is stripped away!
This is my application-url from where I get redirected:
http://testurl:8081/myApplication
Once on the login page from Keycloak, this URL should appear in the URL parameter 'redirect_uri', but instead the redirect_uri is:
http://testurl/myApplication
(Obviously, in real life it's encoded.)
Why does this happen?
If I manually adjust the URL by adding in the port, everything works fine and an error-free login page is shown.
Some additional information:
I’m using Keycloak to secure a Java app (Vaadin), so I’m using a Java adapter. I secure my application by adding my secured path in the web.xml.
When I run my app locally on localhost, it all works perfectly. I get redirected to our test Keycloak server and I can log in and everything. But once deployed on our test server (Tomcat) I get this strange behavior.
Maybe one thing to note: our test server doesn’t use HTTPS; could this explain anything?
Also, the ‘Valid Redirect URIs’ you need to set in Keycloak are set correctly.
The first problem I had was that, instead of removing the port, Keycloak removed it and added ‘0’, giving me this URL:
testurl:0/application
I solved this by adding ‘confidential-port: 443’ to my keycloak.json, and so now it completely strips away the port number…
question from:
https://stackoverflow.com/questions/65888151/keycloak-strips-away-portnumber-in-redirect-uri