ftoppi
commented
7 months ago Hello, it seems another workaround is to rewrite the host header in the reverse proxy.
Closed XidRanReb closed 3 days ago
ftoppi
commented
7 months ago Hello, it seems another workaround is to rewrite the host header in the reverse proxy.
StephenHinck
commented
3 days ago @ftoppi is correct - header rewrites within the reverse proxy is the appropriate way to configure this. I am closing this ticket.
Feature Description: Allow an admin to specify the URL of the instance when running in Docker behind a reverse proxy.
Current Behavior: When adding a SAML configuration in the interface, the app automatically generates the SSO/ACS/Metadata URLs based on the context URL, which is not the a good idea when running behind a reverse proxy.
I guess : https://github.com/SpecterOps/BloodHound/blob/7b088554246cc89d4309665214b34ab933ea0411/cmd/api/src/auth/bhsaml/provider.go#L207
Desired Behavior: The instance URL could be set in the .env file.
Workaround Set a hostname in the compose file that matches the one used in frontend to the BH container. Activate HTTPS and switch to port 443 so the reverse proxy forward to the exact same URL as the client request.