kakwa / ldapcherry

Web UI for managing users and groups in multiple directory services.
MIT License

https index redirects to http signin form #39

Closed cyberb closed 5 years ago

cyberb commented 5 years ago

When accessed using: https://example.com
Redirected to: http://example.com/signin?url=http%3A%2F%2Fexample.com

Here is my nginx configuration:

...
location / {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    # Standard header name for the client address chain
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    # Scheme of the request as nginx received it
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Nginx-Proxy true;
    proxy_pass       $scheme://unix:/var/snap/users/19051950/ldapcherry.socket: ;
    proxy_redirect   off;
}
...

kakwa commented 5 years ago

Hello,

Indeed, I'm able to reproduce the issue, at least partially.

I will try to take a look.

kakwa commented 5 years ago

Hello,

I think I've found the issue. CherryPy (the framework I'm using for ldapcherry) has a few parameters when proxying:

https://cherrypy.readthedocs.io/en/latest/pkg/cherrypy.lib.html#cherrypy.lib.cptools.proxy

Try adding the following parameters in ldapcherry.ini in the [global] section:

[global]
tools.proxy.on = True

#tools.proxy.remote = 'X-Forwarded-For'
#tools.proxy.local = 'X-Forwarded-Host'
#tools.proxy.scheme = 'X-Forwarded-Proto'

The commented parameters are the headers set up on the nginx vhost; the defaults should be OK in your case if I'm not mistaken.

Could you confirm it fixes the issue in your case? I've tested in my case, and it seems to work okay, but my setup is slightly different.

If that's it, it's not really a bug in ldapcherry, but the documentation really needs some improvements on the subject. Also, I should probably add the parameters in the default configuration file.

Thanks for pointing out the issue.

cyberb commented 5 years ago

It works!

I added the proxy headers to the ini file and also had to hardcode https (that did not work without the proxy flags before) into nginx, as I cannot use $scheme because it is always http in my case.

By the way, I will use ldapcherry as the default user management app for https://syncloud.org and it looks good so far. Thanks.
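
The three situations in this thread (proxy tool off, proxy tool on, and nginx forwarding `http` because its own `$scheme` is always http), as an added example that is not part of the original thread and is not ldapcherry's or CherryPy's code. It is a simplified model: `request_base`, `signin_redirect` and `is_downgrade` are hypothetical helpers, the headers are constructed samples, and the proxy-to-backend hop is assumed to be plain HTTP.

```python
from urllib.parse import parse_qs, quote_plus, urlsplit

def request_base(headers, proxy_on, wire_scheme="http",
                 scheme_header="X-Forwarded-Proto"):
    """Base URL as the backend sees it (simplified model, hypothetical helper)."""
    scheme = wire_scheme  # scheme of the proxy-to-backend hop (assumed plain HTTP)
    if proxy_on:
        # Only trust this header when the backend is reachable solely through
        # the proxy and the proxy overwrites whatever the client sent.
        forwarded = headers.get(scheme_header, "").split(",")[0].strip().lower()
        if forwarded in ("http", "https"):
            scheme = forwarded
    return f"{scheme}://{headers['Host']}"

def signin_redirect(headers, proxy_on):
    """Location header for an unauthenticated request to the index."""
    base = request_base(headers, proxy_on)
    return f"{base}/signin?url={quote_plus(base)}"

def is_downgrade(location, client_scheme="https"):
    """True if an https client is sent to http, directly or via the url= parameter."""
    parts = urlsplit(location)
    schemes = [parts.scheme]
    schemes += [urlsplit(u).scheme for u in parse_qs(parts.query).get("url", [])]
    return client_scheme == "https" and "http" in schemes

# Constructed sample headers, modelled on the nginx block in the report.
FROM_NGINX = {"Host": "example.com", "X-Forwarded-Proto": "https"}
# cyberb's case: nginx's own $scheme is always http, so it forwards "http".
SCHEME_ALWAYS_HTTP = {"Host": "example.com", "X-Forwarded-Proto": "http"}

if __name__ == "__main__":
    for label, hdrs, on in [
        ("proxy tool off", FROM_NGINX, False),
        ("proxy tool on", FROM_NGINX, True),
        ("proxy tool on, $scheme=http", SCHEME_ALWAYS_HTTP, True),
    ]:
        loc = signin_redirect(hdrs, on)
        print(f"{label:30} {loc}  downgrade={is_downgrade(loc)}")
```

The `is_downgrade` check can be pointed at the `Location` header of a real deployment as a post-deploy smoke test, since a sign-in form reached over http exposes the submitted credentials in transit.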