Spring saml issues when using SP behind a reverse proxy

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP



Spring saml issues when using SP behind a reverse proxy



We have implemented SAML with ADFS authentication using the Spring SAML extension.
The SP in on a server A which is behind Nginx, the URL is of the form https://serviceprovider/saml/login (just made it up), the ADFS is on the customer side in a separate network. The customers can access the https://serviceprovider/saml/login URL and they get the prompt from the ADFS to enter credentials, they do and for some reason they are getting redirected to the an URL with the internal IP address where the SP is hosted (server A), which is of course not accessible over the Internet, something like https://x.x.x.x:8443.
Nothing is hard coded on our code and the Spring/SAML setup is all using the site URL’s for the SP and the IdP. Also verified the https://serviceprovider/saml/login/metadata returns the proper values.



Has anyone dealt with a situation like this? If so, how have you fixed it?
Thanks




2 Answers
2



To whom it may concern, Nginx was adding the wrong Host header to the incoming request, adding the x.x.x.x.8443 host value. It was fixed by adjusting Nginx to send the proper Host header value 'serviceprovider' in the example.



Have you tried configuring it for LB?



https://docs.spring.io/spring-security-saml/docs/1.0.4.BUILD-SNAPSHOT/reference/html/configuration-advanced.html#configuration-load-balancing






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

Popular posts from this blog

Firebase Auth - with Email and Password - Check user already registered

Dynamically update html content plain JS

Creating a leaderboard in HTML/JS