Keycloak with mod_auth_openidc

Typo · June 18, 2020, 1:49pm

Hello,

I want to configure keycloak with apache mod_auth_openidc. But I don’t know how to configure timeouts in the mod_auth_openidc.

I want to configure an access_token timeout et an refresh_token timeout.

Anyone knows the parameters to change in mod_auth_opendic ?

Typo · June 29, 2020, 3:06pm

Up ? I dont find a configuration with values of timeout

hmof · June 30, 2020, 2:13am

All the configuration parameters are documented in the config file:

github.com

zmartzone/mod_auth_openidc/blob/master/auth_openidc.conf

########################################################################################
#
# Common Settings
#
########################################################################################

# (Mandatory)
# The redirect_uri for this OpenID Connect client; this is a vanity URL
# that must ONLY point to a path on your server protected by this module
# but it must NOT point to any actual content that needs to be served.
# You can use a relative URL like /protected/redirect_uri if you want to
# support multiple vhosts that belong to the same security domain in a dynamic way
#OIDCRedirectURI https://www.example.com/protected/redirect_uri

# (Mandatory)
# Set a password for crypto purposes, this is used for:
# - encryption of the (temporary) state cookie
# - encryption of cache entries, that may include the session cookie, see: OIDCCacheEncrypt and OIDCSessionType
# Note that an encrypted cache mechanism can be shared between servers if they use the same OIDCCryptoPassphrase
#OIDCCryptoPassphrase <passphrase>

This file has been truncated. show original

and you can ask for help on the google group if you need it.

Typo · July 20, 2020, 4:23pm

Thanks hmof. (Sorry I don’t have notification for your message.

I know this documentation. However I don’t find a documentation with the relation between this parameters and keycloak parameters.

I have many problems with keycloak, for example if i stay on the login page too long i end up having the normal Keycloak message which refreshes the page. Then I have a timeout trying to connect :

Error:

Invalid Authentication Response

Description:

This is due to a timeout; please restart your authentication session by re-entering the URL/bookmark you originally wanted to access:

hmof · July 22, 2020, 5:54am

I have also had problems if I stay at the keycloak login too long. I don’t know how to fix that.

Typo · August 20, 2020, 9:55am

Nobody have solution fort this problems ? It’s very embarrassing !

zonaut · August 20, 2020, 10:16am

Maybe you should try asking this on an Apache forum.
Apache isn’t as popular as 1000 years ago and I suspect with good reasons that it’s a minority at best. As expected there would hardly be any people here that have experience with it.

Embarrassing is a strange word to use when asking help from others in a public forum. Shaming people won’t help your case any faster and I even suspect that you probably have lost any support left.

Topic		Replies	Views
Configure timeout Keycloak with apache2-oidc Configuring the server	3	1563	April 19, 2024
Failed to make identity provider oauth callback: SocketTimeoutException: Read timed out Configuring the server authentication , oidc	4	4247	November 30, 2021
Keycloak behind apache2 auth_openidc module Configuring the server authentication , oidc	3	2292	June 6, 2023
Keycloak login page timeout and redirect error Configuring the server	0	2647	January 26, 2023
Tokens expiring too soon Configuring the server authentication , oidc	4	5705	October 30, 2021

Keycloak with mod_auth_openidc

Related topics