OAuth2 authorization consent page uses absolute URL to submit user's consent feedback. This causes issues if authorization server is running behind proxy server/loadbalancer because it could retrieve wrong scheme://host:port
- is related to
-
OPENAM-3659 OAuth2 auth module uses HttpServletRequest.getRequestURL() to construct ORIG_URL cookie
-
- Resolved
-
-
OPENAM-3660 RedirectCallbackHander uses HttpServletRequest.getRequestURL to construct AM_REDIRECT_BACK_SERVER_URL
-
- Resolved
-
-
OPENAM-5130 OAuth2 authorization will redirect using scheme://hostname:port of OpenAM server rather than reverse proxy
-
- Resolved
-