User Tools
сервис_http
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
сервис_http [2023/11/01 17:22] val [Управление доступом к HTTP серверу с использованием OAuth2 аутентификации] |
сервис_http [2023/11/07 14:11] val [Управление доступом к HTTP серверу с использованием OAuth2 аутентификации] |
||
|---|---|---|---|
| Line 820: | Line 820: | ||
| * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | ||
| * [[Инструмент GitLab#Сервер OAuth2]] из GitLab | * [[Инструмент GitLab#Сервер OAuth2]] из GitLab | ||
| + | * [[Сервис OAuth2#Keycloak]] | ||
| * [[https://www.janua.fr/using-apache2-mod_auth_openidc-module-with-keycloak-openid-connect/|Using apache2 mod_auth_openidc module with Keycloak (OpenID Connect)]] | * [[https://www.janua.fr/using-apache2-mod_auth_openidc-module-with-keycloak-openid-connect/|Using apache2 mod_auth_openidc module with Keycloak (OpenID Connect)]] | ||
| Line 826: | Line 827: | ||
| gate# apt install libapache2-mod-auth-openidc | gate# apt install libapache2-mod-auth-openidc | ||
| </code><code> | </code><code> | ||
| - | gate# cat /etc/apache2/sites-available/000-default.conf | + | # cat /etc/apache2/conf-available/serve-cgi-bin.conf |
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | # GitLab | + | <IfDefine ENABLE_USR_LIB_CGI_BIN> |
| - | OIDCSSLValidateServer Off | + | |
| - | OIDCProviderMetadataURL https://server.corp13.un/.well-known/openid-configuration | + | |
| - | OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi | + | |
| - | OIDCClientID e...............................................4 #Application ID | + | |
| - | OIDCClientSecret 7.................................................4 #Secret | + | |
| - | OIDCCryptoPassphrase anystring | + | |
| - | # Keycloak | + | # GitLab |
| - | OIDCSSLValidateServer Off | + | OIDCSSLValidateServer Off |
| - | OIDCProviderMetadataURL https://server.corp16.un:8443/realms/myrealm/.well-known/openid-configuration | + | OIDCProviderMetadataURL https://server.corp13.un/.well-known/openid-configuration |
| - | OIDCRedirectURI http://gate.corp16.un/cgi-bin/test-cgi | + | OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi |
| - | OIDCClientID test-cgi | + | OIDCClientID e...............................................4 #Application ID |
| - | OIDCCryptoPassphrase anystring | + | OIDCClientSecret 7.................................................4 #Secret |
| - | ... | + | OIDCCryptoPassphrase anystring |
| - | </code><code> | + | |
| - | # cat /etc/apache2/conf-available/serve-cgi-bin.conf | + | # Keycloak |
| - | </code><code> | + | OIDCSSLValidateServer Off |
| + | OIDCProviderMetadataURL https://server.corp13.un:8443/realms/myrealm/.well-known/openid-configuration | ||
| + | OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi | ||
| + | OIDCClientID test-cgi | ||
| + | OIDCCryptoPassphrase anystring | ||
| ... | ... | ||
| #Require all granted | #Require all granted | ||
| Line 937: | Line 936: | ||
| location / { | location / { | ||
| proxy_pass http://myapp1; | proxy_pass http://myapp1; | ||
| + | |||
| + | # proxy_set_header Host $host; | ||
| + | # proxy_set_header X-Forwarded-For $remote_addr; | ||
| + | |||
| } | } | ||
| } | } | ||
сервис_http.txt · Last modified: 2024/05/24 09:20 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
