Keycloak Gatekeeper does not set X-Auth header correctly


I am trying to use a shell script to log in to a web application secured by Keycloak Gatekeeper. The login is working and the token handle shows the correct data. But when I do the "real" request, the X-Auth-* headers do not exist, so the upstream application is not able to check the authorization.

# login
wget --save-cookies .cookie --keep-session-cookies -qO/dev/null --post-data='username=...&password=...' "$URL/oauth/login"
# verify the token data (correct)
wget --load-cookies .cookie -q  -O- "$URL/oauth/token"
# request data (no X-Auth headers present)
wget --load-cookies .cookie -nv -O- "$URL/path/to/data"

When doing the login via the Code Flow via the browser, the headers are set correctly.


There are 1 answers

Jan Garaj

X-Auth-* headers are added to the request from the gatekeeper to the upstream app. You are checking the user-to-gatekeeper connection, so it is correct that these headers are not there.
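To observe the headers on the hop the answer describes, a stand-in upstream can report what it receives from the proxy. The following is an added example, not code from the original post or from the Keycloak Gatekeeper project; the port 8081, the function names and the redaction of `X-Auth-Token` are assumptions made for illustration.

```python
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

PREFIX = "x-auth-"          # header family named in the question
REDACT = {"x-auth-token"}   # assumption: never echo the bearer token itself


def auth_headers(headers):
    """Return the X-Auth-* headers of one request, names lower-cased."""
    found = {}
    for name, value in headers.items():
        key = name.lower()
        if key.startswith(PREFIX):
            found[key] = "<redacted, %d chars>" % len(value) if key in REDACT else value
    return found


class EchoUpstream(BaseHTTPRequestHandler):
    """Stand-in upstream: replies with the X-Auth-* headers it received."""

    def do_GET(self):
        body = json.dumps(auth_headers(self.headers), indent=2).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, fmt, *args):  # keep the console quiet
        pass


def make_server(port=0):
    # Loopback only: the proxy should be the sole client able to reach this
    return HTTPServer(("127.0.0.1", port), EchoUpstream)


if __name__ == "__main__":
    server = make_server(8081)  # assumed port; set it as the proxy's upstream
    print("echo upstream listening on http://127.0.0.1:8081")
    server.serve_forever()
```

With this set as the proxy's upstream, the third `wget` call from the question prints the headers the proxy injected. Binding to loopback matters for the real application as well: an upstream that clients can reach directly would accept X-Auth-* headers supplied by anyone.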