You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I tried to map SATOSA to a URI'd path behind a reverse proxy and didn't succeed. Looking through the code there are many mixes of the use of BASE (self.base_url) that defeat using it properly.
metadata (generation) uses it
register_endpoints of saml front and backend modules don't use it, but oidc frontend does
discovery return_url doesn't use it
saml2 backend ACS doesn't
This is where I stopped debugging and fixing the code.
All the above problems can be overcome seperately by wisely choosing a combination of reverse proxy conf (include base path in backend request or not) and SATOSA conf (with or without base path), but never together as as working system. It's a classical waterbed.
This issue is here only to address the problem, because we decided to go vhost based reverse proxy to keep the project going.
I tried to map SATOSA to a URI'd path behind a reverse proxy and didn't succeed. Looking through the code there are many mixes of the use of BASE (self.base_url) that defeat using it properly.
This is where I stopped debugging and fixing the code.
All the above problems can be overcome seperately by wisely choosing a combination of reverse proxy conf (include base path in backend request or not) and SATOSA conf (with or without base path), but never together as as working system. It's a classical waterbed.
This issue is here only to address the problem, because we decided to go vhost based reverse proxy to keep the project going.
To clarify what I mean with base path URI'd SATOSA:
reverse proxy address: https:///satosa/
backend server: http://localhost:8080/ or http://localhost:8080/satosa
The text was updated successfully, but these errors were encountered: