Thanks to Master Wang for the guidance and video. References:
https://www.ixigua.com/i6800556524176409100
https://github.com/wangzheng422/docker_env/blob/master/redhat/ocp4/4.3/4.3.sso.md
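The detailed steps are as follows:
1. Deploy the Red Hat SSO component as the OpenID server
In the Developer view, choose From Catalog to deploy it.
2. Configure RH-SSO and add a user
After the deployment completes, find the route and then open https://sso-sso-app-demo.apps.cluster-6277.sandbox140.opentlc.com/
Log in with the password set above, admin/admin.
- Create the OpenShift realm
- Create a user, ericnie, and set a password
- Create a client ID
Set Valid Redirect URIs to https://oauth-openshift.apps.cluster-6277.sandbox140.opentlc.com/*
Copy the credential: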
5124ecd2-aa70-4a15-a70d-f36e69d97d70
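3. Add the identity provider in OpenShift
In the openshift-ingress-operator project, find the secret route-ca and copy its tls.crt into a separate file, route.ca.crt.
Under user, click Add IDP.
Fill in the form with the values created above.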
Issuer URL: https://sso-sso-app-demo.apps.cluster-6277.sandbox140.opentlc.com/auth/realms/OpenShift
Command to retrieve the issuer:
curl -k https://sso-sso-app-demo.apps.cluster-6277.sandbox140.opentlc.com/auth/realms/OpenShift/.well-known/openid-configuration | python -m json.tool
Log out, reopen the console, and choose Openid.
Log in as ericnie/welcome1.
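
The issuer lookup in step 3 can also be done with TLS verified against the copied route.ca.crt instead of curl -k, followed by a consistency check of the returned discovery document. This is an added example, not part of the original post or of the referenced project. The function names and the sample document are constructed for illustration, and the same-host check assumes RH-SSO serves all of its endpoints from the one route used on this page.

```python
import json
import ssl
import urllib.request
from urllib.parse import urlsplit

ISSUER = "https://sso-sso-app-demo.apps.cluster-6277.sandbox140.opentlc.com/auth/realms/OpenShift"
REQUIRED = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def fetch_discovery(issuer, ca_file="route.ca.crt"):
    """Fetch the discovery document, trusting only the CA copied in step 3."""
    ctx = ssl.create_default_context(cafile=ca_file)  # certificate and hostname are verified
    url = issuer.rstrip("/") + "/.well-known/openid-configuration"
    with urllib.request.urlopen(url, context=ctx, timeout=10) as resp:
        return json.load(resp)


def check_discovery(doc, expected_issuer):
    """Return a list of problems; an empty list means the document is consistent."""
    problems = []
    # OpenID Connect Discovery: the advertised issuer must equal the configured one exactly.
    if doc.get("issuer") != expected_issuer:
        problems.append("issuer mismatch: %r" % doc.get("issuer"))
    host = urlsplit(expected_issuer).netloc
    for key in REQUIRED:
        value = doc.get(key)
        if not value:
            problems.append("missing " + key)
            continue
        parts = urlsplit(value)
        if parts.scheme != "https":
            problems.append(key + " is not https")
        if parts.netloc != host:  # assumption: one route serves every endpoint
            problems.append(key + " points at another host: " + parts.netloc)
    # OpenShift's OpenID provider integration uses the authorization code flow.
    if "code" not in doc.get("response_types_supported", []):
        problems.append("authorization code flow not advertised")
    return problems


# Constructed sample in the shape RH-SSO returns for a realm (not captured output).
SAMPLE = {
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/protocol/openid-connect/auth",
    "token_endpoint": ISSUER + "/protocol/openid-connect/token",
    "jwks_uri": ISSUER + "/protocol/openid-connect/certs",
    "response_types_supported": ["code", "id_token", "token"],
}

if __name__ == "__main__":
    print(check_discovery(SAMPLE, ISSUER) or "discovery document OK")
```

Against the live cluster, call check_discovery(fetch_discovery(ISSUER), ISSUER) from the directory that holds route.ca.crt.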