Solved

OpenID Connect - Bad Redirect URI - Reverse Proxy

  • 7 June 2023
  • 3 replies
  • 447 views

Hello,

 

I have trouble configuring the OpenID Connect authentication configuration.

We use a reverse proxy to connect to the Identity Provider and to connect to Centreon (v. 22.10.4). We are using a VPN, the domain cannot be resolved publicly.

External URL (after reverse proxy):

Internal URL (before reverse proxy):

 

The problem is, when I click on the “Login with openid” button after configuring OpenID Connect authentication, I get redirected to a URL like this:

https://idp.external.XXXX.intra/application/o/authorize/?client_id=XXXX&response_type=code&redirect_uri=http://supervision.internal.XXXX.intra/centreon/authentication/providers/configurations/openid&state=648057e829375&scope=openid

The redirect URI is false here because Centreon is taking its own internal URL, and we want the redirect URI to be the external URI (after reverse proxy). How can I change this in the GUI/CLI of Centreon?


Best answer by christophe.niel-ACT 12 June 2023, 10:41


Hello,

If you use a reverse proxy, you will need to use a rewrite function on your reverse proxy.

Neither Centreon nor the OpenID provider will know you are rewriting stuff on the fly with a reverse proxy.

There are lots of ways to set up a reverse proxy to do what you need, but it’s the job of the RP to rewrite all the query/variable/URL to translate external and internal, and you will need to deep dive into the documentation on your RP to understand what you need to do for OpenID Connect.
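The translation the answer describes, sketched in Python as an added example that is not part of the original thread and is not Centreon or Nginx Proxy Manager code: it rewrites only the `redirect_uri` of the authorization redirect quoted in the question. `EXTERNAL_ORIGIN` is a constructed placeholder, because the external URL is not shown in the thread, and all function names are hypothetical.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Authorization request from the question (values redacted by the poster).
QUESTION_URL = (
    "https://idp.external.XXXX.intra/application/o/authorize/?client_id=XXXX"
    "&response_type=code&redirect_uri=http://supervision.internal.XXXX.intra"
    "/centreon/authentication/providers/configurations/openid"
    "&state=648057e829375&scope=openid"
)
INTERNAL_ORIGIN = "http://supervision.internal.XXXX.intra"  # from the question
EXTERNAL_ORIGIN = "https://supervision.external.example"    # constructed placeholder


def origin(url):
    """Return scheme://host[:port] of a URL, lower-cased for comparison."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}".lower()


def redirect_uri_of(authorize_url):
    """Extract the decoded redirect_uri parameter of an authorization request."""
    return dict(parse_qsl(urlsplit(authorize_url).query)).get("redirect_uri")


def translate_location(location, internal=INTERNAL_ORIGIN, external=EXTERNAL_ORIGIN):
    """Swap the internal origin for the external one inside redirect_uri only.

    Any redirect_uri that is not exactly on the internal origin is passed
    through unchanged, so the proxy never rewrites a host it does not own.
    """
    parts = urlsplit(location)
    ext = urlsplit(external)
    query = []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key == "redirect_uri" and origin(value) == origin(internal):
            target = urlsplit(value)
            value = urlunsplit(target._replace(scheme=ext.scheme, netloc=ext.netloc))
        query.append((key, value))
    return urlunsplit(parts._replace(query=urlencode(query)))


def token_request_matches(authorize_url, token_redirect_uri):
    """RFC 6749 section 4.1.3: the token request must repeat the redirect_uri
    sent in the authorization request, or the provider rejects the code."""
    return redirect_uri_of(authorize_url) == token_redirect_uri
```

The last helper covers the check to make after any such rewrite: the `redirect_uri` Centreon sends when it exchanges the code must be the same string the provider received in the browser redirect.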


 

Thank you, we are using Nginx proxy manager. I will check how it is possible to implement this for centreon.
