Fix portal auth

- adjust realm settings for portal-app client to
  make login possible

Issue-ID: PORTALNG-143
Change-Id: I8a3f925dcaa31abd86a9681cfec98f49b41efaac
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>

diff --git a/docs/sections/resources/yaml/keycloak-server-values.yaml b/docs/sections/resources/yaml/keycloak-server-values.yaml
index 52bf5a9..8f13e1f 100644 (file)
--- a/docs/sections/resources/yaml/keycloak-server-values.yaml
+++ b/docs/sections/resources/yaml/keycloak-server-values.yaml
@@ -54,4 +54,4 @@ secrets:
 
 http:
   # For backwards compatibility reasons we set this to the value used by previous Keycloak versions.
-  relativePath: "/" # "/auth"
+  relativePath: "" # "/auth"

diff --git a/kubernetes/authentication/values.yaml b/kubernetes/authentication/values.yaml
index 79f2329..89e6097 100644 (file)
--- a/kubernetes/authentication/values.yaml
+++ b/kubernetes/authentication/values.yaml
@@ -27,7 +27,7 @@ global:
 
 keycloak:
   intURL: "http://keycloak-http.keycloak.svc.cluster.local/"
-  relativePath: "auth/"
+  relativePath: ""
 ingressAuthentication:
   enabled: false
   exceptions:
@@ -57,7 +57,7 @@ onap-keycloak-config-cli:
   #existingSecret: "keycloak-keycloakx-admin-creds"
   env:
     # internal KC URL plus relative path
-    KEYCLOAK_URL: "http://keycloak-http.keycloak.svc.cluster.local/auth/"
+    KEYCLOAK_URL: "http://keycloak-http.keycloak.svc.cluster.local/"
     KEYCLOAK_SSLVERIFY: "false"
     KEYCLOAK_AVAILABILITYCHECK_ENABLED: "true"
   secrets:
@@ -300,6 +300,9 @@ realmSettings:
           - 'https://{{ include "ingress.config.host" (dict "dot" . "baseaddr" "portal-ng-ui") }}/*'
           - 'http://localhost/*'
         protocol: openid-connect
+        webOrigins:
+          - "*"
+        publicClient: "true"
         additionalAttributes:
           post.logout.redirect.uris: 'https://{{ include "ingress.config.host" (dict "dot" . "baseaddr" "portal-ng-ui") }}/*'
         protocolMappers: