IRIS Data Platform Docker, OAuth2 and HTTPS

Primary tabs

Hi!

we are evaluating IRIS Data Platform as an OAuth2 Authorization Server with the use of the official Docker image. We currently struggle with the OAuth2 setup, as we are required to use https:// for the /oauth2/authorize and /oauth2/token endpoints, but the Docker container exposes only http:// in its default configuration. We have tried to find any hints in the docs but were not successful. Any help is appreciated.

Thanks

Klaus & Lukas

Replies

Hi Klaus,

You have to proxy IRIS to use https. To do so, use this git :

Thx for the quick response. All provided examples give us a good impression of the different options.

You're correct except it's called a public web server (and not a proxy).

We made it work with, heavily inspired by Guillaume's reply. Some details about a major problem we faced and our solution:

To make this work with the IRIS Data Platform Docker Image, we had to edit the /durable/httpd/conf/httpd.conf of the Apache2 in the docker image to enable SSL (and generate the keys). If SSL terminates at a proxy that runs in a separate docker container (either nginx or apache) the OAuth2 endpoints did throw the following error: "Request must be secured with TLS/SSL". Thus SSL must terminate at the web server that runs the CSP Plugin/Module, in this case the apache2 in the IRIS Data Platform Docker image.