SimpleSAML_Utilities::getBaseURL returns faulty url.

[GoogleCodeExporter]

I am using simplesamlphp, set up under a VirtualHost (auth.domain.tld) without 
appended path /simplesaml/. I've set up an idp that authenticates users with 
sql. 

We are using Drupal with the simplesamlphp_auth module as an sp. It's running 
on the same server but a different vhost (drupal.domain.tld). 

When authenticating (SimpleSAML_Auth_Simple->requireAuth()) we are directed to 
a non-existant url.

This path is generated by SimpleSAML_Auth_Simple::getLoginURL which in turn 
delegates to SimpleSAML_Module::getModuleURL and 
SimpleSAML_Utilities::getBaseURL. 

Here the configuration setting baseurlpath is consulted. I've set this up to 
correspond with auth.domain.tld In Utilities.php:214 this setting is determined 
not to be a valid full URL so the server settings are used, resulting in a 
local redirection on the wrong vhost.

What am i doing wrong?

I suggest to change the regex in Utilities.php:214 from
if (preg_match('#^https?://([^/]*)/(.*)/$#D', $baseURL, $matches)) {
to
if (preg_match('#^https?://([^/]*)/((.*)/)?$#D', $baseURL, $matches)) {
so that the path is no longer required, however i'm not sure what the 
implications might be. Is it at all possible to remove the trailing 
/simplesaml/?

My setup is a debian 6.0.3 box running php 5.3 and apache2.

Also posted to the mailinglist: 
https://groups.google.com/group/simplesamlphp/browse_thread/thread/2547636fd3ffd
0dc

regard,
th

Original issue reported on code.google.com by thimotho...@gmail.com on 17 Nov 2011 at 11:51

[GoogleCodeExporter]

This was fixed in r2983 (see mailing list post).

Original comment by olavmrk@gmail.com on 17 Nov 2011 at 2:00

• Changed state: Fixed
• Added labels: Type-Defect

[GoogleCodeExporter]

Oops, I meant r2984.

Original comment by olavmrk@gmail.com on 17 Nov 2011 at 2:01