Reverse Proxy for Shibboleth not sending request POSTShibboleth + IIS and Pound Reverse ProxyReverse Proxy will not Authenticate SSLRequire for Salesforce.comOnly one Shibboleth SP on reverse proxy for different sitesSetting up an Apache forward proxy with 2-way SSL with certificate CN check failsShibd not receiving proper POST requestShibboleth 404 when upgrading to ASP.net COREShibboleth not setting REMOTE_USERMoving SSL cert to the edge breaks ShibbolethShibboleth reverse proxy configurationHow to fix misredirection after rewriting Symfony4's 302 redirected URL (to login page)
Reference for electronegativities of different metal oxidation states
Germany rejected my entry to Schengen countries
Have I found a major security issue with login
Why is python script running in background consuming 100 % CPU?
Why would Thor need to strike a building with lightning to attack enemies?
Hotel booking: Why is Agoda much cheaper than booking.com?
Richard's Favourite TV Programme
Why didn't Daenerys' advisers suggest assassinating Cersei?
What's is the easiest way to purchase a stock and hold it
Who is frowning in the sentence "Daisy looked at Tom frowning"?
Managing heat dissipation in a magic wand
Gambler's Fallacy Dice
Does ratifying USMCA imply a (stealth) ratification of UNCLOS?
Why did Nick Fury not hesitate in blowing up the plane he thought was carrying a nuke?
Why should one apply for UK visa before other visas, on a multi-destination European holiday?
How to choose the correct exposure for flower photography?
Cycling to work - 30 mile return
pwaS eht tirsf dna tasl setterl fo hace dorw
Good examples of "two is easy, three is hard" in computational sciences
Is my company merging branches wrong?
Bash Array of Word-Splitting Headaches
Can a Warforged have a ranged weapon affixed to them like an armblade?
If you attack a Tarrasque while swallowed, what AC do you need to beat to hit it?
Does science define life as "beginning at conception"?
Reverse Proxy for Shibboleth not sending request POST
Shibboleth + IIS and Pound Reverse ProxyReverse Proxy will not Authenticate SSLRequire for Salesforce.comOnly one Shibboleth SP on reverse proxy for different sitesSetting up an Apache forward proxy with 2-way SSL with certificate CN check failsShibd not receiving proper POST requestShibboleth 404 when upgrading to ASP.net COREShibboleth not setting REMOTE_USERMoving SSL cert to the edge breaks ShibbolethShibboleth reverse proxy configurationHow to fix misredirection after rewriting Symfony4's 302 redirected URL (to login page)
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I am trying to send the POST request that is sent from Authenticating shibboleth back to my web server, but I am only getting a GET request. When this GET request is proxied to my web server's callback, it only gets a "hello" which we set.
What I am trying to accomplish is to send the post through the proxy and receive it on my callback path and extract the attributes and save them.
This is my architecture that I currently have:
Web -> Shibboleth server (/secure) -> Authenticates to my IDP provider -> Returns with a POST method to /secure then I have here a my reversed proxy to send it to my web server, but only the GET method occurs.
These are the apache logs
[12/Jun/2018:19:40:03 +0000] "GET /secure HTTP/1.1" 302 841 (called to log in)
[12/Jun/2018:19:40:38 +0000] "POST /Shibboleth.sso/SAML2/POST HTTP/1.1" 302 238 (returning from the IdP)
[12/Jun/2018:19:40:38 +0000] "GET /secure HTTP/1.1" 200 5
My reverse proxy configuration:
<Location /secure >
AuthType shibboleth
ShibRequireSession On
ShibRequestSetting applicationId default
ShibUseHeaders On
Require valid-user
</Location>
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests off
ProxyPass /secure https://mywebsite.com/login/callback
ProxyPassReverse /secure https://mywebsite.com/login/callback
ProxyPreserveHost On
Any help would be appreciated it!
apache-2.4 configuration reverse-proxy shibboleth
asked Jun 12 '18 at 21:43
leoleo
62
add a comment |
I am trying to send the POST request that is sent from Authenticating shibboleth back to my web server, but I am only getting a GET request. When this GET request is proxied to my web server's callback, it only gets a "hello" which we set.
What I am trying to accomplish is to send the post through the proxy and receive it on my callback path and extract the attributes and save them.
This is my architecture that I currently have:
Web -> Shibboleth server (/secure) -> Authenticates to my IDP provider -> Returns with a POST method to /secure then I have here a my reversed proxy to send it to my web server, but only the GET method occurs.
These are the apache logs
[12/Jun/2018:19:40:03 +0000] "GET /secure HTTP/1.1" 302 841 (called to log in)
[12/Jun/2018:19:40:38 +0000] "POST /Shibboleth.sso/SAML2/POST HTTP/1.1" 302 238 (returning from the IdP)
[12/Jun/2018:19:40:38 +0000] "GET /secure HTTP/1.1" 200 5
My reverse proxy configuration:
<Location /secure >
AuthType shibboleth
ShibRequireSession On
ShibRequestSetting applicationId default
ShibUseHeaders On
Require valid-user
</Location>
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests off
ProxyPass /secure https://mywebsite.com/login/callback
ProxyPassReverse /secure https://mywebsite.com/login/callback
ProxyPreserveHost On
Any help would be appreciated it!
apache-2.4 configuration reverse-proxy shibboleth
asked Jun 12 '18 at 21:43
leoleo
62
add a comment |
I am trying to send the POST request that is sent from Authenticating shibboleth back to my web server, but I am only getting a GET request. When this GET request is proxied to my web server's callback, it only gets a "hello" which we set.
What I am trying to accomplish is to send the post through the proxy and receive it on my callback path and extract the attributes and save them.
This is my architecture that I currently have:
Web -> Shibboleth server (/secure) -> Authenticates to my IDP provider -> Returns with a POST method to /secure then I have here a my reversed proxy to send it to my web server, but only the GET method occurs.
These are the apache logs
[12/Jun/2018:19:40:03 +0000] "GET /secure HTTP/1.1" 302 841 (called to log in)
[12/Jun/2018:19:40:38 +0000] "POST /Shibboleth.sso/SAML2/POST HTTP/1.1" 302 238 (returning from the IdP)
[12/Jun/2018:19:40:38 +0000] "GET /secure HTTP/1.1" 200 5
My reverse proxy configuration:
<Location /secure >
AuthType shibboleth
ShibRequireSession On
ShibRequestSetting applicationId default
ShibUseHeaders On
Require valid-user
</Location>
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests off
ProxyPass /secure https://mywebsite.com/login/callback
ProxyPassReverse /secure https://mywebsite.com/login/callback
ProxyPreserveHost On
Any help would be appreciated it!
apache-2.4 configuration reverse-proxy shibboleth
asked Jun 12 '18 at 21:43
leoleo
62
I am trying to send the POST request that is sent from Authenticating shibboleth back to my web server, but I am only getting a GET request. When this GET request is proxied to my web server's callback, it only gets a "hello" which we set.
What I am trying to accomplish is to send the post through the proxy and receive it on my callback path and extract the attributes and save them.
This is my architecture that I currently have:
Web -> Shibboleth server (/secure) -> Authenticates to my IDP provider -> Returns with a POST method to /secure then I have here a my reversed proxy to send it to my web server, but only the GET method occurs.
These are the apache logs
[12/Jun/2018:19:40:03 +0000] "GET /secure HTTP/1.1" 302 841 (called to log in)
[12/Jun/2018:19:40:38 +0000] "POST /Shibboleth.sso/SAML2/POST HTTP/1.1" 302 238 (returning from the IdP)
[12/Jun/2018:19:40:38 +0000] "GET /secure HTTP/1.1" 200 5
My reverse proxy configuration:
<Location /secure >
AuthType shibboleth
ShibRequireSession On
ShibRequestSetting applicationId default
ShibUseHeaders On
Require valid-user
</Location>
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests off
ProxyPass /secure https://mywebsite.com/login/callback
ProxyPassReverse /secure https://mywebsite.com/login/callback
ProxyPreserveHost On
Any help would be appreciated it!
apache-2.4 configuration reverse-proxy shibboleth
apache-2.4 configuration reverse-proxy shibboleth
asked Jun 12 '18 at 21:43
leoleo
62
asked Jun 12 '18 at 21:43
leoleo
62
asked Jun 12 '18 at 21:43
leoleo
62
asked Jun 12 '18 at 21:43
leoleo
62
asked Jun 12 '18 at 21:43
leoleo
62
62
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
I was able to send the headers through a RewriteRule:
RewriteRule /secure https://website.com/login/callback
But I use a Get callback method on the webserver and from there redirect to where I want.
answered May 6 at 23:14
leoleo
62
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f916342%2freverse-proxy-for-shibboleth-not-sending-request-post%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I was able to send the headers through a RewriteRule:
RewriteRule /secure https://website.com/login/callback
But I use a Get callback method on the webserver and from there redirect to where I want.
answered May 6 at 23:14
leoleo
62
add a comment |
I was able to send the headers through a RewriteRule:
RewriteRule /secure https://website.com/login/callback
But I use a Get callback method on the webserver and from there redirect to where I want.
answered May 6 at 23:14
leoleo
62
add a comment |
I was able to send the headers through a RewriteRule:
RewriteRule /secure https://website.com/login/callback
But I use a Get callback method on the webserver and from there redirect to where I want.
answered May 6 at 23:14
leoleo
62
I was able to send the headers through a RewriteRule:
RewriteRule /secure https://website.com/login/callback
But I use a Get callback method on the webserver and from there redirect to where I want.
answered May 6 at 23:14
leoleo
62
answered May 6 at 23:14
leoleo
62
answered May 6 at 23:14
leoleo
62
answered May 6 at 23:14
leoleo
62
62
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f916342%2freverse-proxy-for-shibboleth-not-sending-request-post%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
