SimpleSAMLphp redirect back with wrong hostname - simplesamlphp

I have an application at url like https://mytestapp.domain
Have there installed SimpleSAMLphp https://mytestapp.domain/simplesaml
When I want to log in I am redirected to SAML server where I can fill username and password. Then I am redirected back to my app.
Problem is that I am redirected to https://<ip_of_my_server>/simplesaml/module.php/saml/sp/discoresp.php... but I need hostname in url (https://mytestapp.domain/simplesaml/module.php/saml/sp/discoresp.php...)
In SAML request I have
<saml:Issuer>https://<ip_of_my_server>/simplesaml/module.php/saml/sp/metadata.php/...</saml:Issuer>
AssertionConsumerServiceURL="https://<ip_of_my_server>/simplesaml/module.php/saml/sp/saml2-acs.php/..."
But
entityID="https://mytestapp.domain/simplesaml/module.php/saml/sp/metadata.php/..."
and baseurl is also filled with hostname https://mytestapp.domain...
Can somebody direct me where I should change IP to hostname?
Edit 1
mytestapp.domain/simplesaml/admin/hostnames.php as Lisa suggested is 404 Not Found (maybe some older version on my server (it looks like it is 1.11)
In config.php I have
$config = array(
//...
'baseurlpath' => 'https://' . $currentHost . '/simplesaml/',
//...
);
where $currentHost is result of getting HTTP_X_FORWARDED_HOST or HTTP_HOST and it is filled with mytestapp.domain

Related

Rewrite application path from tomcat using IIS

I need to configure an URL rewrite that way:
Server Application Provider: Tomcat 8 with a Java Web Based Application.
WebServer: IIS 10.0
Original URL application:
http://localhost:8080/Spigen
Desired URL:
http://localhost/Spigen/bi/sams
I tried that way:
1- In IIS 10 I set up a Server Farm with
Server Address= localhost
httpPort= 8080
2- Configured a Rule to remove 8080 port from URL:
Rule 1
3- Configured a Rule of user-friendly URL:
user friendly config
I didn't have desired effect. When I access:
http://localhost/Spigen/bi/sams
I receive from browser 404 messagem:
404 message
I don't really have idea how could I get that.
The idea is to have several URL acessing the same application and the application make decisions based on it.
URL Examples:
/Spigen/bi/sams
/Spigen/bi/app
/Spigen/bi/nok
What configuration is missing?

How to create a subdomain in localhost xampp?

I am working on my localhost (xampp). My URL of current directory is localhost/pms/. After login of User (with username XYZ), I want my URL to become localhost/XYZ.pms/.
How can I do this?

Redirect IIS's root to application root

I have several applications installed on IIS:
/abc
/bcd
Now I want to redirect users coming to / to the /abc website. Since the root is not part of any application, I cannot use IIS Rewrite Module which uses redirects defined in web.config.
So I installed HTTP Redirection in IIS and enabled the following:
This works, if the user enters exactly http://example.com or http://example.com/, the server redirects to http://example.com/abc/.
However, if the user enters http://example.com/abc, the server treats the request as in the root directory, so it applies a redirection too, leading to http://example.com/abc/abc.
I also tried checking the first checkbox (Redirect all request to exact destination), but this leads to a redirection loop from http://example.com/abc to http://example.com/abc.
I want those users entering example.com/abc to stay there, and redirect users entering example.com to the /abc application. How can I do that?
To fix the redirect loop, you can add a trailing anchor link to the destination, for example: /abc/#. This prevents IIS from stripping the trailing slash and creating a redirect loop from http://example.com/abc to http://example.com/abc
Example redirect
Request URL:https://example.com/abc
Request Method:GET
Status Code:302 Redirect
Response Headers
Location:https://example.com/abc/#
Server:Microsoft-IIS/8.0
Request URL:https://example.com/abc/
Request Method:GET
Status Code:200 OK
URL rewrite module
Alternatively you can still use the URL rewrite module as discussed here even when it is for your root site and not an application. The web.config file should be present in your web root folder (typically %SystemDrive%\inetpub\wwwroot). You can also use the URL Rewrite UI in IIS Manager to add an inbound rule:
This will redirect http://example.com/ to http://example.com/abc/.
If the user enters http://example.com/xyz (and that file does not exist) they will not be redirected to /abc and will receive a 404, unlike the HTTP redirect module above.

Running Sonar behind Microsoft IIS with SSL enabled fails to redirect to https after successfull login

I have configured Sonar webserver to have all of the requests to go through Microsoft IIS server.
It was confirmed to work fine with requests via http protocol.
However, once the https was enabled, after successful login, Sonar webapp is trying to redirect to non-https url, causing it to timeout. If I then go and change the url to go to https, it shows as authenticated and continues to work as normal.
The same issue happens when you trying to logout - instead of redirecting to https page, it goes out to http.
What needs to be done to make Sonar post-login action to use the same protocol via which the login page was requested originally?
sonar.properties has:
sonar.web.host: 127.0.0.1
sonar.web.port: 9000
sonar.web.context: /sonar
IIS plugin has:
<VirtualHostGroup Name="default_host">
<VirtualHost Name="*:80"/>
<VirtualHost Name="*:9443"/>
<VirtualHost Name="*:443"/>
<VirtualHost Name="*:9000"/>
</VirtualHostGroup>
<ServerGroup Name="sonar_group">
<Server Name="sonar_server">
<Transport Hostname="127.0.0.1" Port="9000" Protocol="http"/>
</Server>
</ServerGroup>
<UriGroup Name="sonar_host_URIs">
<Uri Name="/sonar*"/>
</UriGroup>
<Route ServerGroup="sonar_group" UriGroup="sonar_host_URIs" VirtualHostGroup="default_host"/>
Thanks.
In the web UI (while logged in as an admin user), go to Settings -> General and make sure the URL listed under Server Base URL starts with "https". This can also be set in the server's sonar.properties file using sonar.core.serverBaseURL
This is a well-known issue with the Ruby stack, and requires tweaking the web-server config -- not that of Sonar. On Apache you'd have to do the following, Im sure the pointers in the ticket will also lead you to a solution for IIS:
RequestHeader set X_FORWARDED_PROTO "https"

Using Passport-google behind proxy

I'm using Passport-google to login users in example.com:3000. It works great. But if I put the Node.js server behind a proxy (IIS7; don't ask why, I had to), and access to my site in example.com (not in example.com:3000), I can't login with Passport-google. My RewriteRule in IIS:
Pattern (.*)
{HTTP_HOST} Matches myserver.com
{SERVER_PORT} Does not match 3000
Rewrite URL: http://127.0.0.1:3000/{R:1}
The error I got:
Cannot GET /accounts/o8/ud?
Also I have the same problem with Passport-twitter, and Passport-facebook.
I think I should set some other rule in IIS, or set some proxy settings in Passport.js, or OpenID, but haven't figured out yet. Any ideas?
The IIS proxy had a bad configuration. under Application Request Routing (ARR) / Server proxy settings Reverse rewrite host in response headers was switched on, so when passport sent a 302 with a location in header set to https://www.google.com/accounts/o8/... the IIS proxy replaced it to http://myserver.com/accounts/o8/... . which of course was an invalid link.

Resources