VaultSoldier Comments - Answer Overflow

VaultSoldier

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

NVM. This helped. I opened /etc/nginx/sites-enabled/sso with nvim and saved with :w, but when you open files with sudoedit it opens temporary file and writing without exiting does nothing

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

I have a flow in Keycloak that first tries to log you in with Kerberos. If it fails, it prompts you for an email and password, which works. However, if it succeeds with Kerberos, it results in a 502 error.

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

And the strangest thing to me is that it works fine with OIDC, but when Keycloak automatically logs you in with Kerberos, it results in a 502 error.

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

I have a gut feeling that It must be keycloak reverse proxy, but why? It works fine with every other OIDC services and it worked fine on 0.15

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

Is it a Keycloak reverse proxy problem or Hommar? I searched for this problem and found a solution on Stack Overflow for Keycloak, but it didn't work for me.

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

Keycloak log

Feb 05 02:14:20 sso kc.sh[436737]: Will use keytab
Feb 05 02:09:52 sso kc.sh[436737]: Commit Succeeded
Feb 05 02:09:52 sso kc.sh[436737]: Krb5LoginModule]: Entering logout
Feb 05 02:09:52 sso kc.sh[436737]: Krb5LoginModule]: logged out Subject

Feb 05 02:14:20 sso kc.sh[436737]: Will use keytab
Feb 05 02:09:52 sso kc.sh[436737]: Commit Succeeded
Feb 05 02:09:52 sso kc.sh[436737]: Krb5LoginModule]: Entering logout
Feb 05 02:09:52 sso kc.sh[436737]: Krb5LoginModule]: logged out Subject

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

Homarr ver: v1.4.0 Keycloak ver: 25.0.2 OS: Debian 12

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

Homarr docker-compose config

- NODE_TLS_REJECT_UNAUTHORIZED=0
- NEXTAUTH_URL=https://portal.example.com
- BASE_URL=https://portal.example.com
- AUTH_PROVIDERS=credentials,oidc
- AUTH_OIDC_ISSUER=https://sso.example.com/realms/EX
# - AUTH_LOGOUT_REDIRECT_URL=https://portal.example.com
- AUTH_OIDC_CLIENT_ID=homarr
- AUTH_OIDC_CLIENT_SECRET=example-secret
- AUTH_OIDC_CLIENT_NAME=SSO
- AUTH_OIDC_AUTO_LOGIN=false

labels:
- "traefik.enable=true"
- "traefik.http.routers.homarr.entrypoints=http"
- "traefik.http.routers.homarr.rule=Host(`portal.example.com`)"
- "traefik.http.middlewares.homarr-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.homarr.middlewares=homarr-https-redirect"
- "traefik.http.routers.homarr-secure.entrypoints=https"
- "traefik.http.routers.homarr-secure.rule=Host(`portal.example.com`)"
- "traefik.http.routers.homarr-secure.tls=true"
- "traefik.http.routers.homarr-secure.service=homarr"
- "traefik.http.services.homarr.loadbalancer.server.port=7575"
- "traefik.docker.network=proxy"

- NODE_TLS_REJECT_UNAUTHORIZED=0
- NEXTAUTH_URL=https://portal.example.com
- BASE_URL=https://portal.example.com
- AUTH_PROVIDERS=credentials,oidc
- AUTH_OIDC_ISSUER=https://sso.example.com/realms/EX
# - AUTH_LOGOUT_REDIRECT_URL=https://portal.example.com
- AUTH_OIDC_CLIENT_ID=homarr
- AUTH_OIDC_CLIENT_SECRET=example-secret
- AUTH_OIDC_CLIENT_NAME=SSO
- AUTH_OIDC_AUTO_LOGIN=false

labels:
- "traefik.enable=true"
- "traefik.http.routers.homarr.entrypoints=http"
- "traefik.http.routers.homarr.rule=Host(`portal.example.com`)"
- "traefik.http.middlewares.homarr-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.homarr.middlewares=homarr-https-redirect"
- "traefik.http.routers.homarr-secure.entrypoints=https"
- "traefik.http.routers.homarr-secure.rule=Host(`portal.example.com`)"
- "traefik.http.routers.homarr-secure.tls=true"
- "traefik.http.routers.homarr-secure.service=homarr"
- "traefik.http.services.homarr.loadbalancer.server.port=7575"
- "traefik.docker.network=proxy"

12 replies

HHomarr

•Created by VaultSoldier on 2/4/2025 in #💬・get-help

[SOLVED] OIDC keycloak with kerberos error code 502

keycloak config (works with 0.15)

12 replies

Gaming

Programming