OpenIG route to OpenIDM-GUI with condition "request.uri.path"

This topic has 3 replies, 3 voices, and was last updated 5 years, 5 months ago by jochenr.

  • Author
    Posts
  • #14334
     Fehmi M’Barek
    Participant

    Dear all,

    I am looking for a solution for following problem.

    I want to achiev, that if I access to one of the following addresses through a Webbrowser:

    1.) “https://openig.example.com:8443/OpenIDM-01”
    2.) “https://openig.example.com:8443/OpenIDM-02”
    3.) “https://openig.example.com:8443/OpenIDM-n”

    I will get the GUI of OpenIDM.
    Unfortunatly I am not able to get a satisfied result. My Configuration looks as follows:

    
    {
        "heap": {
            "objects": [
                {
                    "name": "myHandler",
                    "type": "ClientHandler"
    		}
                }
            ]
        },
        "baseURI": "https://1.1.1.X:8443",
        "handler": "myHandler",
        "condition": "${request.uri.path, '^/OpenIDM-x')}"
    }
    

    I am getting an 404 answer from the desired IDM.

    In the logfiles I can see that the Handler “myHandler” tries to open “https://1.1.1.X:8443/OpenIDM-x”. Why the Handler adds the “path” to it?
    Anyone facing same Problems?

    Thanks in advanced :-)

    • This topic was modified 5 years, 8 months ago by Fehmi M'Barek. Reason: adding Tags
    #14337
     Joachim Andres
    Participant

    Hi,

    Not sure what you are trying to achieve. I would think that this behavior is expected as will respect the patch and not re-write it. So you when access https://openig.example.com:8443/OpenIDM-01 with the browser, IG will internally make a request to https://1.1.1.1:8443/OpenIDM-01. If that is not what you are expecting, please elaborate on what you are expecting.

    If you want multiple mappings like
    https://openig.example.com:8443/OpenIDM-01 -> https://1.1.1.1:8443/OpenIDM-01
    https://openig.example.com:8443/OpenIDM-02 -> https://1.1.1.2:8443/OpenIDM-02

    then you will need separate route configurations as those are separate routes.

    Cheers,
    Joachim

    #14369
     Fehmi M’Barek
    Participant

    Hi Joachim,

    thx for the reply.
    I am expecting with my configuration above, that all traffic should be proxied through OpenIG. So no redirection or bypass or something else.

    When I call the Endpoint “openig.example.com:8443/OpenIDM-01” through any browser, openig should show me the login page of the OpenIDM.
    I know that I need a separate rout (config file) for each OpenIDM.
    But with my configuration above it is showing me an error page. And this message comes from the IDM and not from OpenIG. And the logfiles showing me that OpenIG is trying proxy “https://1.1.1.2:8443/OpenIDM-01” but it should only proxy “https://1.1.1.2:8443/” without the path name.

    Could you follow up my problem?
    Thx

    Fehmi

    #16047
     jochenr
    Participant

    Hi Fehmi,

    have a look in the documentation here: https://backstage.forgerock.com/docs/openig/4.5/reference#BaseUriDecorator

    BaseUriDecorator — override scheme, host, and port of request URI
    Description
    
    Overrides the scheme, host, and port of the existing request URI, rebasing the URI and so making requests relative to a new base URI. Rebasing changes only the scheme, host, and port of the request URI. Rebasing does not affect the path, query string, or fragment.

    Hopefully this answers the question.

    Cheers.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?