Comments (5)
excaliburzarau
commented on June 29, 2024
Hi guys,
Also as @info-path, i AM trying to invalidate de session.
At the moment i AM just trying to invalidate de session from authentik so, if i logout from authentik or the session expires, all the forwarded applications, independent of the authentication method, should require a login on authentik.
Right now it kinda does it but on some situations it bypasses the verification for some reason and redirects it to the forwarded application even though i have logged out of the authentik.
Can anyone explain me how can i properly setup this to work properly as i AM unable to understand how to do it with the official documentation.
Than you all,
Best Regards
from authentik.
info-path
commented on June 29, 2024
Right now it kinda does it but on some situations it bypasses the verification for some reason and redirects it to the forwarded application even though i have logged out of the authentik.
I also encountered a situation where I logged out of Authentic, but the app remained accessible. I discovered that there was an issue with auth.domain.com because Firefox repeatedly indicated that the site was not secure, even though other browsers confirmed its security. I had registered this domain through Zero Trust Cloudflare.
I resolved this by registering the domain outside the Cloudflare tunnel. Once the security issue was fixed, the logout issue was also resolved. Now, the app logs out correctly with every authentication logout.
from authentik.
excaliburzarau
commented on June 29, 2024
Hello,
Thank you for your Reply.
I do indeed use Cloudflare. Are you suggesting to use another DNS provider instead cloudflare? I currently have everything setup with cloudflare.
Best Regards
from authentik.
info-path
commented on June 29, 2024
I stayed with Cloudflare, only for auth.domain.com, which I use for Authentik I don't use a tunnel, but a standard reverse proxy of Traefik.
There might not even be a problem with the tunnel itself, because I tried another subdomain that didn't do these problems.
from authentik.
excaliburzarau
commented on June 29, 2024
After a quick search regarding what you spoke about i was able to find a user that Gave some guidance on this thread.
I Will try it to adapt this to my setup and update this thread with my finds.
But i Will try to avoud using the zero trust due to the fact that they haver more Control of the information that passes
Thanks you
from authentik.
Related Issues (20)
- Nginx proxy managers/nginx configuration given by authentik does not work HOT 5
- Update check fails HOT 1
- AzureAD OAuth Source - Profile URL Reset HOT 2
- Authentik Workers are now have an unexpectedly high memory footprint HOT 1
- ldap duplicate key value
- Schedule custom actions
- docs: Update Gitea Service index.md
- Proxy Outpost no longer works after changing server URL
- application/o/authorize endpoint missing CORS headers HOT 1
- I would like to request a feature suggestion.
- Manual outpost env var AUTHENTIK_TOKEN not respecting secrets _FILE suffix HOT 1
- Alternative API auth mechanism
- UIDs changed when upgrading from 2023.10.5 to 2024.4.2 HOT 2
- website/docs: integrations: major integration cleanup
- Policy Engine Modes are Mislabeled/Swapped
- Add Worker Healthcheck endpoint
- AUTHENTIK_LOG_LEVEL is not respected HOT 4
- Missing custom scopes in JWT (M2M) HOT 3
- Error sending recovery link via Mail von Display Name has "," in it HOT 1
- Error During Example Enrollment Flow
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authentik.