Problem:
Trying to configure Foreman to use external login with OIDC to Keycloak.
I am using the following documentation:
https://theforeman.org/manuals/3.13/index.html#5.7.7SingleSign-onforForemanusingOpenIDConnectprotocol
There are multiple problems:
- External Login does not work. Only internal login works. (There is no error message in the UI, other than “incorrect username or password”)
- The URI /users/extlogin on Foreman does not work. I am getting the error:
  Internal Server Error
  The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error. More information about this error may be available in the server error log.
- I can’t find any substantial errors in logs. Which log file should I even look at?
Expected outcome:
External Login works
Foreman and Proxy versions:
3.13.0
Foreman and Proxy plugin versions:
Name | Version |
---|---|
foreman-tasks | 10.0.1 |
foreman_ansible | 15.0.1 |
foreman_remote_execution | 14.0.2 |
katello | 4.15.0 |
Distribution and version:
Alma Linux 9.5
Other relevant data:
```
dnf install -y mod_auth_openidc keycloak-httpd-client-install
foreman-installer --foreman-keycloak true --foreman-keycloak-app-name "foreman" --foreman-keycloak-realm "myrealm"
keycloak-httpd-client-install --app-name foreman --keycloak-server-url https://keycloak.my.org --keycloak-admin-username admin --keycloak-realm myrealm --keycloak-admin-realm master --keycloak-auth-role root-admin -t openidc -l /users/extlogin -d
```