I'm running simplesamlphp_auth behind a reverse proxy - which (with a few configuration tweaks to simplesaml config) works, until the final redirect by simplesaml - which goes to the wrong URI.
This is because as it stands, the simplesaml library code calls \SimpleSAML\Utils\HTTP::getSelfURL();
which doesn't respect the drupal-configured reverse proxy variables. This means that RelayState is set to (eg) http://localhost:8080/saml_login
(The problem is that port here is incorrect - it should be 80, not 8080).
Issue 2788573 reports the same issue (although doesn't suggest resolution). The corresponding discussion on simplesamlphp points out the problem and suggests a fix - to include a ReturnTo parameter when calling requireAuth()
.
Comment | File | Size | Author |
---|---|---|---|
#2 | simplesamlphp_auth-add_returnto_param-2856127-2.patch | 533 bytes | SimonPhillips |
Comments
Comment #2
SimonPhillips CreditAttribution: SimonPhillips commentedHere's a patch which fixes the issue
Comment #4
snufkin CreditAttribution: snufkin commentedI like this approach. I'll merge it in, please let me know if it resolves the issue.