I set up a xwiki instance on AWS EKS based on this Helm Chart github com xwiki-contrib xwiki-helm.
My Reverse Proxy is ALB based and configured like this:
ingress:
hosts:
- “wiki.sharedservices.somedomain .com”
- “wiki.somedomain .com”
enabled: true
ingressClassName: alb
annotations:
alb.ingress.kubernetes .io/backend-protocol: HTTP
alb.ingress.kubernetes .io/group.name: xwiki-alb
alb.ingress.kubernetes .io/healthcheck-path: /liveness
alb.ingress.kubernetes .io/healthcheck-protocol: HTTP
alb.ingress.kubernetes .io/scheme: internet-facing
alb.ingress.kubernetes .io/certificate-arn: “some arn…”
alb.ingress.kubernetes .io/tags: “Name=xwiki-alb”
alb.ingress.kubernetes .io/load-balancer-attributes: “idle_timeout.timeout_seconds=4000,routing.http2.enabled=false”
alb.ingress .kubernetes.io/target-type: ip
alb.ingress .kubernetes.io/ssl-redirect: ‘443’
alb.ingress .kubernetes.io/listen-ports: ‘[{“HTTP”: 80}, {“HTTPS”:443}]’
kubernetes .io/tls-acme: “true”
For login I use the OIDC Authenticator with AzureAD.
When authenticating I always get a port 80 in the callback url, like
https://wiki.somedomain.com:80/bin/view/Main/?srid=4Pu8JX0C
In the /authorize call the redirect_uri is set correct redirect_uri=somedomain.com
But the callback sets a wired ssl on port 80 location header:
https://wiki.somedomain.com:80/bin/view/Main/?srid=4Pu8JX0C
I tried
xwiki.cfg
xwiki.home=https://wiki.somdomain.com/
xwiki.home=https://wiki.somdomain.com:443/
xwiki.home=https://wiki.somdomain.com:443
xwiki.url.protocol=https
Descriptor of the wiki
secure = yes
port = 443
alias = https://wiki.somedomain.com
Read many posts from people facing similar problems but no workaround did the trick.
Can anyone help me to get rid of this nasty port 80 problem?
THX