Hey, I’ve created a custom authenticator where I inject a url/ip to an internal service in a k8s cluster for the given environment.
In the test environment everything is working as expected, but in the production environment the url/ip is null.
I’m using the same docker image in both environments.
Also, if I check Keycloak server-info → providers, CustomAuthenticator is listed as an authenticator provider.
Is there anything I’ve missed that I need to do in the admin console?
Everything is managed using helm bitnami/keycloak.
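Here are the parts of my custom AuthenticatorFactory I expect are relevant:

```java
import org.keycloak.Config;
import org.keycloak.authentication.AuthenticatorFactory;

public class CustomAuthenticatorFactory implements AuthenticatorFactory {
    private static final String PROVIDER_ID = "CustomAuthenticator";
    // Populated in init() from the provider's SPI configuration
    private String serviceUrl;

    @Override
    public void init(Config.Scope config) {
        // Reads the "service-url" property of this provider's config scope
        serviceUrl = config.get("service-url");
    }

    @Override
    public String getId() {
        return PROVIDER_ID;
    }

    // Remaining AuthenticatorFactory methods omitted
}
```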
Here’s my values.yaml:

```yaml
image:
  pullPolicy: Always
  registry: {my-registry}
  repository: {repo}
  tag: {img-tag}
cache:
  enabled: true
postgresql:
  enabled: false
externalDatabase:
  host: {db-host}
  database: keycloak
  user: {user}
  existingSecret: rds
  existingSecretPasswordKey: rds.user.password
extraStartupArgs: "--spi-authenticator-CustomAuthenticator-service-url=http://10.100.115.60"
extraEnvVars:
  - name: KEYCLOAK_PRODUCTION
    value: "true"
  - name: KEYCLOAK_EXTRA_ARGS
    value: --auto-build
  - name: KC_CACHE_STACK
    value: kubernetes
proxy: edge
ingress:
  enabled: true
  hostname: {my-domain}
  path: /*
  annotations:
    alb.ingress.kubernetes.io/certificate-arn: {ssl-cert-arn}
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/ssl-redirect: "443"
    alb.ingress.kubernetes.io/target-type: ip
    kubernetes.io/ingress.class: alb
resources:
  limits:
    cpu: 1000m
    memory: 1024Mi
  requests:
    cpu: 500m
    memory: 512Mi
replicaCount: 2
autoscaling:
  enabled: true
  maxReplicas: 5
  minReplicas: 2
```