apache-zeppelin - 为 OIDC 配置的 Apache Zeppelin 重定向到 http://localhost:8081/null
问题描述
我已经尝试过 Apache Zeppelin 0.8 和 0.9 + pac4j 并且问题是一样的。在 http://localhost:8081/ 访问应用程序根目录时,我被重定向到 http://localhost:8081/null。log4j 不输出任何可能有帮助的东西。
这是我的 shiro.ini 文件:
[main]
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager
securityManager.sessionManager.globalSessionTimeout = 86400000
oidcConfig = org.pac4j.oidc.config.OidcConfiguration
oidcConfig.discoveryURI = http://localhost:8080/auth/realms/Test/.well-known/openid-configuration
oidcConfig.clientId = Zeppelin
oidcConfig.secret = e15b220e-9b3c-4997-9a76-81086e3e1ca3
oidcConfig.clientAuthenticationMethodAsString = client_secret_basic
oidcClient = org.pac4j.oidc.client.OidcClient
oidcClient.configuration = $oidcConfig
clients = org.pac4j.core.client.Clients
clients.callbackUrl = http://localhost:8081/api/callback
clients.clients = $oidcClient
requireRoleAdmin = org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer
config = org.pac4j.core.config.Config
config.clients = $clients
pac4jRealm = io.buji.pac4j.realm.Pac4jRealm
pac4jSubjectFactory = io.buji.pac4j.subject.Pac4jSubjectFactory
securityManager.subjectFactory = $pac4jSubjectFactory
oidcSecurityFilter = io.buji.pac4j.filter.SecurityFilter
oidcSecurityFilter.config = $config
oidcSecurityFilter.clients = oidcClient
callbackFilter = io.buji.pac4j.filter.CallbackFilter
callbackFilter.defaultUrl = http://localhost:8081
callbackFilter.config = $config
[urls]
/api/version = anon
/api/callback = callbackFilter
/** = oidcSecurityFilter
解决方案
添加解析器将有助于重定向到正确的 oidc 路径
ajaxRequestResolver = org.pac4j.core.http.ajax.DefaultAjaxRequestResolver
ajaxRequestResolver.addRedirectionUrlAsHeader = true
oidcClient.ajaxRequestResolver = $ajaxRequestResolver