When AM detects that the session needs to be authenticated, the "goto" parameter in the redirect Location Response Header has the wrong value when AM is installed behind a reverse proxy (Apache 2.4). This has happened with a Oauth2/OIDC and Web Agent flow.
AM is setting the "goto" value to the internal FQDN instead of the external FQDN.
Web Agent (Separate issue generated to cover the Web Agent flow as the issues here are distinct - OPENAM-12074)
Other aspects of AM appear to be working fine with the reverse proxy.
Set the following:
- Updated cookie domains to include the external FQDN
- DNS Aliases contains the external FQDN (via updating sites / server)
- Created a Site ... added to Server
- Created Service: Base URL Source ... (fixed issue with .well-known payload)