Closed elliotclements-mendix closed 2 years ago
Hi @elliotclements-mendix Thank you for giving us the feedback on the SAML module. Based on your input, I raised a PR to improve this doc. Could you please help me review these changes? You can find the changes here. If you have any comments, you can leave them in the PR.
This issue is resolved. @elliotclements-mendix Thank you for helping us improve the document! Please let us know if you find any other documentation which is wrong or unclear.
Please use the form below, leaving the prefilled data to help us. Thank you.
Page link: SAML
Document link: saml.md
My Issue/Suggestion
The configuration instructions for SAML are incorrect and doesn't work in Mendix 9. Section 2.1 Using SSOLandingPage (https://docs.mendix.com/appstore/modules/saml/#ssolandingpage)
I discussed the correct setup approach on Mendix Internal slack and we should update our guide to reflect this: https://mendix.slack.com/archives/C0TS72R9B/p1660731557035239
1) You do this by changing the index.html page: In Mendix 9, there is no longer an index.html page created for you. The user manually must create one and where to find it. Documentation should provide details how to achieve this E.g. "Create an index.html page in your project folder .../theme/web. You can create a copy of the default index.html page by first running your project in Studio Pro .../deployment/web/index.html. copy the file and transfer to .../theme/web. Mendix will now use this version as the template for index.html"
2)
<meta http-equiv="refresh" content="0;URL=/SSO/" />
| If the user is using the index.html page that Mendix generates adding this additional tag creates 2x redirects in the html page causing incorrect behaviour. Instead the documentation should recommend changing the URL within the originURI to /SSO/ e.g.:document.cookie = "originURI=/SSO/" + (window.location.protocol === "https:" ? ";SameSite=None;Secure" : "");
3) Documentation should include a comment how the cookie js script works. e.g. This cookie determines where the Mendix Client will redirect users to when they need to sign in. If you are already signed in, you are not redirected again.