Apache Server version: Apache/2.4.18 (Ubuntu) is running on port 80 on an EC2 instance that is fronted by an AWS ALB. I see the redirect being made to our IDP server, but it's failing because these values are missing from the request.
Here is my config file:
<VirtualHost *:80>
    ServerName https://servername
    UseCanonicalName On
    ProxyRequests Off
    # Start SSO - This is if you want Single sign on with Account Manager
    ProxyPass /mellon/ !
    RewriteEngine On
    RewriteCond %{HTTP:X-Forwarded-Proto} =http
    RewriteRule . https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
    <Location />
        # Require authenticated user
        MellonEnable "auth"
        # Configure the SP metadata
        # This should be the files which were created when creating SP metadata.
        MellonSPPrivateKeyFile /conf/server.key
        MellonSPCertFile /conf/server.cert
        MellonSPMetadataFile /conf/server.xml
        # IdP metadata. This should be the metadata file you got from the IdP.
        MellonIdPMetadataFile /conf/idpserver.xml
        # Require Documentation User role
        MellonRequire "roles" "ROLE"
        # The location all endpoints should be located under.
        # This path is relative to the root of the web server.
        MellonEndpointPath /mellon
        # This is the property coming on the SAML assertion set as REMOTE_USER
        MellonUser "uid"
        RewriteEngine on
        RewriteRule .* - [E=RU:%{REMOTE_USER}]
        RequestHeader set X_REMOTE_USER %{RU}e
        MellonSamlResponseDump On
        MellonSessionDump On
    </Location>
</VirtualHost>
We have an identical setup on another server where it's working fine, so I'm not sure why the Signature and SigAlg values are not being added to the location. Any idea what could be causing this?
I got it to work. It seems like it's an issue with the version of Apache I was running on Ubuntu 16.04.04. I built a new instance using 14.04 and it worked right away.
For some reason we are missing the Signature and SigAlg query parameters from the location in the response from a GET to /mellon/login.
Here is the call that is being made:
Request
Response:
Thanks, Steve
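A check for the symptom described in this thread, added here as an example and not part of the original posts: it parses the Location header returned by /mellon/login, reports whether SigAlg and Signature are present, and decodes the SAMLRequest (raw DEFLATE then base64, as the SAML HTTP-Redirect binding specifies). The hostnames, request ID and signature value are constructed placeholders, and the function names are hypothetical.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

def deflate_b64(xml):
    """Encode XML as the HTTP-Redirect binding does: raw DEFLATE, then base64."""
    comp = zlib.compressobj(wbits=-15)
    return base64.b64encode(comp.compress(xml.encode()) + comp.flush()).decode()

def inspect_redirect(location):
    """Report what a Location header from the SP login endpoint carries."""
    params = parse_qs(urlsplit(location).query, keep_blank_values=True)
    report = {
        "sig_alg": params.get("SigAlg", [None])[0],
        "has_signature": bool(params.get("Signature", [""])[0]),
    }
    report["signed"] = report["sig_alg"] is not None and report["has_signature"]
    if "SAMLRequest" in params:
        # Diagnostic use on redirects from your own SP; -15 selects raw DEFLATE.
        raw = zlib.decompress(base64.b64decode(params["SAMLRequest"][0]), -15)
        root = ET.fromstring(raw)
        report["message"] = root.tag.split("}")[-1]
        report["destination"] = root.get("Destination")
        report["issuer"] = root.findtext(f"{{{SAML}}}Issuer")
    return report

# Constructed sample data: hostnames, ID and signature value are placeholders.
SAMPLE_XML = (
    f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" '
    'ID="_constructed1" Version="2.0" Destination="https://idp.example/sso">'
    '<saml:Issuer>https://sp.example/mellon/metadata</saml:Issuer>'
    '</samlp:AuthnRequest>'
)
UNSIGNED = "https://idp.example/sso?" + urlencode(
    {"SAMLRequest": deflate_b64(SAMPLE_XML), "RelayState": "https://sp.example/"})
SIGNED = UNSIGNED + "&" + urlencode({
    "SigAlg": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
    "Signature": "Q09OU1RSVUNURUQ=",  # placeholder, not a valid signature
})

if __name__ == "__main__":
    for name, url in (("unsigned", UNSIGNED), ("signed", SIGNED)):
        print(name, inspect_redirect(url))
```

Running it on the Location header captured from both the working and the failing server shows whether the two differ only in the signature parameters or also in the request itself. It checks presence only and does not verify the signature.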