search

privacyidea / adfs-provider

Authentication provider for Microsoft AD FS to use with privacyIDEA.
GNU Affero General Public License v3.0
20 stars 5 forks source link

Loadbalancing / HA Proxy #14

Closed RalphK83 closed 2 years ago

RalphK83 commented 3 years ago

We are using 3 PI Servers and 1 Database with HA Proxy.

We have the following User / Token process: User does not have indexed secret token -> User is doing ADFS Authentication (Username/Password)-> PI is creating via script the indexed secret token “on the fly” in the background -> User can login within the same ADFS Authentication Session with the indexed secret token.

Now with the HAProxy: Indexed secret token is created in the background, but User cannot use the token in the same ADFS “Session”. Maybe ADFS PrivacyIdea Provider is not handling persistent Session Cookies?

Thanks

nilsbehlen commented 3 years ago

Hi, what is written in the log file? Is the response from the server the same in both cases?

cornelinux commented 2 years ago

@RalphK83 I think this is not related to the ADFS plugin.

I think it is a handler configuration issue on the server, so that the event handler could be a post-handler. We also added a checkbox in regards to the database sync in the handlers.

@nilsbehlen I would recommend to close this.