Re: [ovirt-devel] Authentication error are not helpful - " The redirection URI for client is not registered "
In this case turning off the callback prefix check should be helpful
Create a new conf file /etc/ovirt-engine/engine.conf.d/99-sso.conf and add
the line below to the file. This will turn off the additional security
check for the callback prefix.
SSO_CALLBACK_PREFIX_CHECK=false
Ravi
On Tue, Aug 22, 2017 at 9:29 AM, Martin Perina <mperina(a)redhat.com> wrote:
Adding Ravi
On Mon, Aug 21, 2017 at 10:53 AM, Roy Golan <rgolan(a)redhat.com> wrote:
>
> When using OST you get an engine on isolated network, that in order to
> make available you must tunnel. When tunnelling you end up with a URI with
> a uncommon port or hostname that will result an error while authenticating:
>
> URL: https://localhost:9000/ovirt-engine
>
> This displays this error:
>
> *" The redirection URI for client is not registered "
> <http://imgur.com/a/D0edf>*See screenshot <http://imgur.com/a/D0edf>
>
> Can we expose the expected valid redirect urls? Is it used for something
> else than obscurity?
>
> If we can expose it then at least a message of the form would be better:
>
> * " Please make sure to connect to https://EXPECTED/URL "
<https://the>*
>
> \R
>
> _______________________________________________
> Devel mailing list
> Devel(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel
>
Attachments:
- attachment.html (text/html — 2.8 KB)