Comments (6)
Instead i am simply also already logged in against B with the user from A.
Can you describe this behaviour more in details? Is it like:
- visit
/web/app1
and got a GUI auth page - authenticate with user A
- visit
/web/app2
and it does not ask for credentials while it should? (unexpected)
from apisix.
Yes of course, sorry if i was not precise enough.
So what i want is
-
visit `/web/app1` and get KC GUI loginpage
-
authenticate with user A
-
visit `/web/app2` and get KC GUI loginpage
-
authenticate with user B
instead it is like you described, user A is also logged in app2 , instead of beeing asked for credentials for app2.
Basically what i am asking for is an option to configure which routes belong to a session. So for example that i could say routes
/web/app1
and /api/* with host app1.mydomain.de get session_id A, and
/web/app2
and api* with host app2.mydomain.de get session_id B, so that if a user with session_id A comes to web/app2, he is not treated as authenticated.
Maybe thats already somewaht there and its a bug on my side, but so far i couldnt figure anything out that would trigger that behaviour. Already checked a bit of the code to to figure out if can make some plugin for myself here, but my lua-knowledge tends towards zero :\
from apisix.
That is so very strange... Especially if you said using different session secrets also doesn't work as intended. I understand your issue now but I'm working on other things at the moment. I can surely circle back when I have time.
from apisix.
That would be really great.
The only way i could achieve that target is by having my kc-clients in different realms, wich is actually okay for the moment, but it would be really nice to be able to configure that a bit more independently from that.
I can provide you my full configuration if you want, its just a bit longer and the example i provided mirrors pretty well what i have there :)
from apisix.
from apisix.
I encountered the same issue, and I had made a pull request #11286 to solve this problem. Test passed
from apisix.
Related Issues (20)
- help request: https access apisix ssl error HOT 1
- help request: use yaml anchors and aliases in the config.
- bug: (3.10.0) SSL ENV secret does not work in key value (encrypted field not compatible with secret env engine?)
- apisix go-runner 如何获取请求进来接口的host? 我看 go-runner 源码,貌似没有
- docs: How to Token Exchange (& token split) with Apisix
- help request: failed to check the configuration of plugin multi-auth err: openid-connect plugin is not supported HOT 2
- help request: Does it support stream poxy match with difference host with same apisix port to difference upstream? HOT 3
- help request: Config apisix for subdirectory
- bug: Strings in luajit are infinitely bloated, even if they are not rereferenced in the lua vm HOT 4
- bug: key-auth plugin is not working as expected HOT 3
- help request: Unable to connect ApiSix DataPlane with ALB with HTTPS HOT 5
- chore: make traffic-split use set_upstream function from upstream.lua HOT 1
- About kafka-logger param: batch_max_size
- help request: what is default route priority rule ? HOT 4
- nacos with apisix error HOT 11
- feat: Rcommend to add the curl to image apache/apisix:version HOT 1
- bug: missing docker images for 3.10.0 release HOT 2
- help request: Accessing Consumer Details in serverless-pre Function HOT 2
- help request: Modify labels length(修改labels长度)
- help request: forward-auth使用遇到疑问 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apisix.