KeyCloak Forgot password Email link

£可爱£侵袭症+ 提交于 2019-12-11 13:44:01

问题


We are implementing Authentication using keycloak. Specifically for forgot password option: When user clicks on Forgot password option, and provides user name, an email will be sent to their id with the link to reset password.

My Question is specifically on the link: The link sent out in email looks like below: https://:/auth/realms//login-actions/reset-credentials?code= But the mentioned is really an internal physical host name that can be found in /etc/hosts, but it is not accessible to external users, so we need to replace this host:port number.

The code in .ftl file looks like below under themes/base/email/html/password-reset.ftl: ${msg("passwordResetBodyHtml",link, linkExpiration, realmName)} While figured out from admin console on where the values for linkExpiration and realmName (They are under Realm Settings in admin console), I am unable to find out how and where the "link" is configured. Can someone please help with this?

I looked up other threads and did some findings, and found this link:(Keycloak - URL Reset Password email behind a proxy, but it really talks about NginX proxy, which we haven't configured.


回答1:


Got this resolved after multiple discussion with Redhat team. Below are the steps followed

  1. We were using RH SSO 7.0.x: Added proxy-address-forwarding=true as below.

The server didn't start because this tag is not available in Keycloak 7.0.x. as confirmed by Redhat.

  1. Did upgrade to RH SSO 7.2.0 and the same flag addition worked. Forgot password email content has the https:///auth/realms/archcap-au/login-actions/action-token?key=

Before change:

    header=x-forwarded-host= <External Host>
    header=Host= <Internal host:8443>

After Change:

    header=x-forwarded-host= <External Host>
    header=Host= <External Host>

the tag would retain the forwarded host header.



来源:https://stackoverflow.com/questions/49181881/keycloak-forgot-password-email-link

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!