JetBrains / teamcity-azure-active-directory

TeamCity plugin which supports authentication via Microsoft Azure Active Directory
Apache License 2.0

Authorization endpoint not picked up correctly #38

Closed iremmats closed 6 years ago

iremmats commented 6 years ago

We have configured the plugin and go to the login page for TeamCity. After clicking login with Azure AD we get a 404 not found.

https://myteamcityserver.mydomain.com/GUID/oauth2/authorize?response_type=id_token&client_id=client_id&scope=openid&nonce=E8D55A2D4DD18FF0BFAAC36540D9A70A&response_mode=form_post&prompt=login&redirect_uri=https://myteamcityserver.mydomain.com/overview.html

The problem is that the domain of the authorization call is the server and not login.microsoftonline.com. If I manually change that and go there, the login works fine.

dtretyakov commented 6 years ago

@iremmats, it seems that you have a reverse proxy with URL rewrite rules behind the TeamCity server, and your rules change the URL specified in the Endpoint URL parameter from https://login.microsoftonline.com/GUID/oauth2/authorize to https://myteamcityserver.mydomain.com/GUID/oauth2/authorize.

To solve it, contact the system administrator of this reverse proxy to tune these rewrite rules.
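
The rewrite described in this reply can be confirmed from the failing URL alone. The following Python check is an added example, not part of the thread or the plugin's code; the function name `check_authorize_redirect` and the finding strings are hypothetical, and the URLs are the ones quoted in the thread.

```python
from urllib.parse import urlsplit, parse_qs

# URLs as quoted in the thread; "GUID" and "client_id" are its placeholders.
CONFIGURED_ENDPOINT = "https://login.microsoftonline.com/GUID/oauth2/authorize"
OBSERVED_URL = (
    "https://myteamcityserver.mydomain.com/GUID/oauth2/authorize"
    "?response_type=id_token&client_id=client_id&scope=openid"
    "&nonce=E8D55A2D4DD18FF0BFAAC36540D9A70A&response_mode=form_post"
    "&prompt=login"
    "&redirect_uri=https://myteamcityserver.mydomain.com/overview.html"
)


def check_authorize_redirect(configured_endpoint, observed_url):
    """Return a list of findings; an empty list means the redirect is intact."""
    want = urlsplit(configured_endpoint)
    got = urlsplit(observed_url)
    params = parse_qs(got.query)
    findings = []

    want_host = (want.hostname or "").lower()
    got_host = (got.hostname or "").lower()
    # Host the identity provider is asked to send the user back to.
    redirect_uri = params.get("redirect_uri", [""])[0]
    return_host = (urlsplit(redirect_uri).hostname or "").lower()

    if got.scheme != "https":
        findings.append("authorize URL is not https")
    if got_host != want_host:
        if got_host == return_host and got.path == want.path:
            # Same path, but the identity provider's host was replaced by the
            # application's own host: the symptom reported in the thread.
            findings.append(
                "host rewritten from %s to %s" % (want_host, got_host))
        else:
            findings.append("unexpected authorize host: %s" % got_host)
    elif got.path != want.path:
        findings.append("unexpected authorize path: %s" % got.path)
    for name in ("client_id", "nonce", "redirect_uri"):
        if name not in params:
            findings.append("missing parameter: %s" % name)
    return findings


if __name__ == "__main__":
    for finding in check_authorize_redirect(CONFIGURED_ENDPOINT, OBSERVED_URL):
        print(finding)
```
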

iremmats commented 6 years ago

OK, I will dig into this. Thanks for the quick reply!

iremmats commented 6 years ago

Do you have an example of an IIS reverse proxy setup to have this work? Our current setup is one rule matching * doing a redirect to http://localhost:8080/{R:0}

iremmats commented 6 years ago

It is solved. Discovered there was already a closed issue on this. Unchecking the box in IIS was enough.

https://github.com/JetBrains/teamcity-azure-active-directory/issues/14