Hi to everyone.
After the attempt to use SSO authorization with configured SAML toolkit, getting error corresponding me that i'm sending request with "http://mysp.mydomain" URI instead of "https://mysp.mydomain", although i setting "https" in all places where it apperars to be.
Hi to everyone. After the attempt to use SSO authorization with configured SAML toolkit, getting error corresponding me that i'm sending request with "http://mysp.mydomain" URI instead of "https://mysp.mydomain", although i setting "https" in all places where it apperars to be.
Here is trace messages (SAML-tracer): HTTP: GET https://idp.mydomain/adfs/ls/saml2/idp/SSOService.php?SAMLRequest=fZJbb%2BIwEIXf%2BRVV3olJYNPGAiRa9oJEATW0D32pjDMBS47t9di9%2FPuamO22lVrLTzNzPp8z8hhZKw2deXdQN%2FDXA7reWTjPrVRIu%2BYk8VZRzVAgVawFpI7Tana9pHk6oMZqp7mWySfZ9yqGCNYJraJsMZ8k69XP5fr3YvUw5EXNy7LYsaK8OIddWfMGYMhGxcVu1ORZU8LwR1mwKL0Di4EzSQI26UUaooeFQseUC%2FVBnvezcIfbbEBHOc3P76N0HsIKxVwnPzhnkBKCDlPrEQVTKRrGgbC6QSKRHFPlRNSGVNW6AvsoOKTmYCJsc9rDpVC1UPvv4%2B%2FiENI%2F2%2B2mv1lX2wiZ%2FVvLlVboW7CnZ25vltFhMLiXRnxyaKTfC4UkmDmaJI3VyhHGsbM37dDjY4d2q7HTr1Fj8n7uv9LQVUixmG%2B0FPylqx%2FPL21b5r4Om6VZVxF1v%2BlGqVdogItGQJ28YWZS6qcrC8zBJHHWQ3JGpr1eNPPxd05fAQ%3D%3D&RelayState=https%3A%2F%2Fmysp.mydomain%2F%3FSSO%3D1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=E2WsQURphmaMDPlj34BpzQw7IFkZ%2FNl5rKb%2BhtuS%2B6JFGRTkU5w5mVRuVy%2BJ48AozsyDvr9%2F6FOhhVpXWlrW2jrDqkA%2F%2BWijzH1ibIP9mw9RA1E9BxgVRaKymLcRbi%2F6Bpo3LA%2F%2FElAnF9hRouLiIKbvHrWTTR3XWAbOBERqfSxfsINUF0BrPI9aD8Wih5x%2FNOZk4jiqUW1lsg0zujo4AX3B1KZxqbGUxohhsqyxG9swjcgEwAYHUxIL3lglYQvrm%2FoVjP5BN1IIq1YCWHVJ7bA6FPx647pO9JMXH6DTs3oBfuUQXIkhhsqMRVNSl70sj%2FjC2D6%2FOHx2e%2FVp4Ic2MQ%3D%3D HTTP/1.1 Host: idp.mydomain User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Encoding: gzip, deflate, br Referer: https://mysp.mydomain/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Sec-Fetch-User: ?1
HTTP/1.1 200 OK Cache-Control: no-cache,no-store Pragma: no-cache Content-Length: 18911 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-HTTPAPI/2.0 Strict-Transport-Security: max-age = 31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; X-Atlassian-Token: no-check Access-Control-Allow-Origin: * X-Frame-Options: DENY X-MS-Forwarded-Status-Code: 500 Date: Tue, 13 Dec 2022 10:42:24 GMT
Parameters
GET SAMLRequest: fZJbb+IwEIXf+RVV3olJYNPGAiRa9oJEATW0D32pjDMBS47t9di9/PuamO22lVrLTzNzPp8z8hhZKw2deXdQN/DXA7reWTjPrVRIu+Yk8VZRzVAgVawFpI7Tana9pHk6oMZqp7mWySfZ9yqGCNYJraJsMZ8k69XP5fr3YvUw5EXNy7LYsaK8OIddWfMGYMhGxcVu1ORZU8LwR1mwKL0Di4EzSQI26UUaooeFQseUC/VBnvezcIfbbEBHOc3P76N0HsIKxVwnPzhnkBKCDlPrEQVTKRrGgbC6QSKRHFPlRNSGVNW6AvsoOKTmYCJsc9rDpVC1UPvv4+/iENI/2+2mv1lX2wiZ/VvLlVboW7CnZ25vltFhMLiXRnxyaKTfC4UkmDmaJI3VyhHGsbM37dDjY4d2q7HTr1Fj8n7uv9LQVUixmG+0FPylqx/PL21b5r4Om6VZVxF1v+lGqVdogItGQJ28YWZS6qcrC8zBJHHWQ3JGpr1eNPPxd05fAQ== RelayState: https://mysp.mydomain/?SSO=1 SigAlg: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 Signature: E2WsQURphmaMDPlj34BpzQw7IFkZ/Nl5rKb+htuS+6JFGRTkU5w5mVRuVy+J48AozsyDvr9/6FOhhVpXWlrW2jrDqkA/+WijzH1ibIP9mw9RA1E9BxgVRaKymLcRbi/6Bpo3LA//ElAnF9hRouLiIKbvHrWTTR3XWAbOBERqfSxfsINUF0BrPI9aD8Wih5x/NOZk4jiqUW1lsg0zujo4AX3B1KZxqbGUxohhsqyxG9swjcgEwAYHUxIL3lglYQvrm/oVjP5BN1IIq1YCWHVJ7bA6FPx647pO9JMXH6DTs3oBfuUQXIkhhsqMRVNSl70sj/jC2D6/OHx2e/Vp4Ic2MQ==
SAML
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ONELOGIN_3c6dc996ba6987eb9dcfee3a468b4f21f9e3596a" Version="2.0" IssueInstant="2022-12-13T10:42:27Z" Destination="https://idp.mydomain/adfs/ls/saml2/idp/SSOService.php" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://mysp.mydomain/plugins/phpsaml/front/acs.php"