Skip to main content
Question

Issues when setting up External IDP - AzureAD

C
Do Gooder (Partner)
Forum|alt.badge.img+7

I have IFS Cloud 22R1 installed in a Cloud (VM) service provider and for the moment there is no reverse proxy server. No DNS settings setup yet.

We can access IFS over the internet, with a host file entry at local machine, since we have a public IP at MT server (Ubuntu). Local machine host file is as below.

222.123.188.199 is the public IP as shown above. (Not the real IP I’m using)

I can load landing page as below.

https://xxx-tst.xxxxxx.cloud/main/ifsapplications/web/start

I have configured with Azure AD and if I tried log in with Azure AD, I’m getting an error.

Please go through below steps.

 

There is no any configuration issues, as the video shared by @subslk

  - https://www.youtube.com/watch?v=103_y7_GAas&list=PPSV

Could you please help me to overcome this issue?

8 replies

S
Hero (Employee)
Forum|alt.badge.img+10
  • subslk
  • Hero (Employee)
  • 102 replies
  • May 30, 2023

Hi, 

Could you please check the ifsapp-iam container log for any errors? 

As I see, this could be due to either incorrect configuration or certificate issue.

 

/Subhashini 

C
Do Gooder (Partner)
Forum|alt.badge.img+7
  • CovMayurJ
  • Author
  • Do Gooder (Partner)
  • 18 replies
  • August 1, 2023

Hi Subhashini,

Still no SSL certificate added. .

IAM error,

2023-08-01 08:58:59,987 ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (executor-thread-391) Failed to make identity provider oauth callback: java.lang.IllegalArgumentException: No enum constant org.keycloak.models.IdentityProviderSyncMode.import
    at java.base/java.lang.Enum.valueOf(Unknown Source)
    at org.keycloak.models.IdentityProviderSyncMode.valueOf(IdentityProviderSyncMode.java:3)
    at org.keycloak.models.IdentityProviderModel.getSyncMode(IdentityProviderModel.java:218)
 

Error at browser,

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta name="robots" content="noindex, nofollow">

            <link rel="preload" href="/auth/resources/x3a18/login/f1theme/fonts/open-sans-regular.woff" as="font" type="font/woff" crossorigin>
            <link rel="preload" href="/auth/resources/x3a18/login/f1theme/fonts/open-sans-semibold.woff" as="font" type="font/woff" crossorigin>
            <link rel="preload" href="/auth/resources/x3a18/login/f1theme/fonts/open-sans-bold700.woff" as="font" type="font/woff" crossorigin>
    <title>IFS Cloud for MFG Solution Set</title>
    <link rel="icon" href="https://xxxxxxxx-xxxxxx.co.uk/landing-page/resources/favicon.png" />
            <link href="/auth/resources/x3a18/login/f1theme/css/ifs-login.css" rel="stylesheet" />
            <script src="/auth/resources/x3a18/login/f1theme/scripts/polyfill.js" type="text/javascript"></script>
            <script src="/auth/resources/x3a18/login/f1theme/scripts/utilities.js" type="text/javascript"></script>
    <script type="text/javascript">
        adjustRootFontSize();
    </script>
    <style>
        body::before {
            background-image: url(https://xxxxxxxx-xxxxx.co.uk/landing-page/resources/solutionsets/IFS-CLOUD-MANUFACTURING.jpg);
        }
        .ifs-logo-sm {
            background-image: url(https://xxxxxxx-xxxxxx.co.uk/landing-page/resources/logos/IFS_LOGO_POSITIVE_RGB.svg);
        }
        .ifs-logo-lg::after {
            background-image: url(https://xxxxxxxx-xxxxx.co.uk/landing-page/resources/logos/IFS_LOGO_NEGATIVE_RGB.svg);
        }
        .ifs-logo-lg::before {
            background-image: url(https://xxxxxxx-xxxxxx.co.uk/landing-page/resources/logos/IFS_LOGO_BG.svg);
        }
    </style>
</head>
<body id="id-ifs-body" onload="onLoad('id-ifs-btn-Azure')" class=" ifs-login-body">
    <script type="text/javascript">
        addCustomClassOnDevice(['id-ifs-body']);
    </script>
    <div id="id-ifs-logo-lg" class="ifs-logo-lg"></div>
    <script type="text/javascript">
        addCustomClassOnDevice(['id-ifs-logo-lg']);
    </script>
    

    <div id="id-ifs-right-panel" class="card-pf ifs-right-panel">
    <script type="text/javascript">
        executeOrientationChange(['id-ifs-right-panel']);
        addCustomClassOnDevice(['id-ifs-right-panel']);
    </script>

    <div class="ifs-panel">
      <div id="id-ifs-logo-sm" class="ifs-logo-sm"></div>
      <script type="text/javascript">
        executeOrientationChange(['id-ifs-logo-sm']);
        addCustomClassOnDevice(['id-ifs-logo-sm']);
      </script>

      <div class="ifs-panel-link">        <div id="id-ifs-backtologin-container" class="ifs-back-to-login-container ifs-hide">
            <script type="text/javascript">
                var clientId = getUrlParameters().client_id;
                if (clientId !== "IFS_aurena_native") {
                    removeClass(['id-ifs-backtologin-container'], 'ifs-hide');
                    executeOrientationChange(['id-ifs-backtologin-container']);
                    addCustomClassOnDevice(['id-ifs-backtologin-container']);
                }
            </script>
            <a id="id-ifs-backtoappaccess-link" class="ifs-hyperlink ifs-back-to-login" href="REPLACE_ME">
                <div class="ifs-left-caret-wrapper"></div>
                Back to Application Access
            </a>
            <script type="text/javascript">
                var link = document.getElementById("id-ifs-backtoappaccess-link");
                link.href = window.location.origin.concat('/landing-page');
            </script>
        </div>
</div>
      <div id="id-ifs-login-container" class=ifs-login-container>
      <script type="text/javascript">
        executeOrientationChange(['id-ifs-login-container']);
        addCustomClassOnDevice(['id-ifs-login-container']);
      </script>
      <header class="login-pf-header">

        <div class="ifs-title-group">
            <div id="id-ifs-solutionset-title" class="ifs-title">        Oops! Something went wrong
</div>
        </div>
      </header>
      <div id="kc-content">
        <div id="kc-content-wrapper">

        <div>
            <p>Unexpected error when authenticating with identity provider</p>
        </div>

        </div>
      </div>
    </div>
    </div>
    </div>
</body>
</html>

 

Please comment

 

 

S
Hero (Employee)
Forum|alt.badge.img+10
  • subslk
  • Hero (Employee)
  • 102 replies
  • August 1, 2023

Hi, 

Its better to raise a ticket for this. So that this can be properly investigated. 

/Subhashini 

 

C
Do Gooder (Partner)
Forum|alt.badge.img+7
  • CovMayurJ
  • Author
  • Do Gooder (Partner)
  • 18 replies
  • August 1, 2023

Thanks Subhashini 

Fazil_Niz
Do Gooder (Partner)
Forum|alt.badge.img
  • Fazil_Niz
  • Do Gooder (Partner)
  • 2 replies
  • August 10, 2023

@CovMayurJ Have you been able to resolve this? I'm encountering a similar problem after renewing the client secret for our IAM provider.

https://www.linkedin.com/in/fazil-nizar/
C
Do Gooder (Partner)
Forum|alt.badge.img+7
  • CovMayurJ
  • Author
  • Do Gooder (Partner)
  • 18 replies
  • August 10, 2023

Hi Fazil,  Still no solution. Please let me know if you found a solution.

Fazil_Niz
Do Gooder (Partner)
Forum|alt.badge.img
  • Fazil_Niz
  • Do Gooder (Partner)
  • 2 replies
  • August 10, 2023

@CovMayurJ The workaround for this issue was to perform the below in your WM server : 


kubectl -n <namespace> port-forward service/ifsapp-iam 9090:8080

log in to the below site via ifsiamadmin

http://localhost:9090/auth

Navigate > Admin console > Realms > your namespace  > Identity Providers > Azure AD  sync mode set to force and save. 

 

This is a known bug which is fixed in IFS Cloud 22R1SU9 

 

https://www.linkedin.com/in/fazil-nizar/
C
Do Gooder (Partner)
Forum|alt.badge.img+7
  • CovMayurJ
  • Author
  • Do Gooder (Partner)
  • 18 replies
  • August 11, 2023

Hi Fazil,

Thank you very much. I’ll try it and update this post.

Best regards,

Mayura

Fazil_Niz
1 person likes this
  • Fazil_Niz
    Fazil_Niz

Reply


Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings