[midPoint] SAML authentication return URL
Eetu Salpaharju
Eetu.Salpaharju at tietokeskus.fi
Fri Jul 14 12:52:56 CEST 2023
Hello,
I'm deploying SAML2 authentication against Microsoft Azure AD.
My network configuration uses an nginx server as a reverse proxy, like this. Both Midpoint and nginx are running on the same server.
user ---https://midpoint.example.com---> nginx ---http://localhost:8080---> Midpoint
Now Midpoint sends the following return URL to Azure: http://midpoint.example.com/midpoint/auth/default/azure_auth/SSO/alias/aad . The problem is that the return URL uses http instead of https. The return URL should be https://midpoint.example.com/midpoint/auth/default/azure_auth/SSO/alias/aad .
Where could I define a base URL or similar attribute so that the return URL would use the https protocol? For reference, my authenticator configuration is below.
<authentication>
    ...
    <modules>
        ...
        <saml2 id="10">
            <identifier>azure_auth</identifier>
            <description>Authentication against AzureAD tenant.</description>
            <focusType>UserType</focusType>
            <serviceProvider id="11">
                <entityId>**ApplicationID from Azure**</entityId>
                <aliasForPath>aad</aliasForPath>
                <identityProvider>
                    <entityId>**ApplicationID from Azure**</entityId>
                    <metadata>
                        <pathToFile>/var/midpoint/auth/azure_metadata.xml</pathToFile>
                    </metadata>
                    <linkText>Microsoft Azure</linkText>
                    <authenticationRequestBinding>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</authenticationRequestBinding>
                    <nameOfUsernameAttribute>emailAddress</nameOfUsernameAttribute>
                </identityProvider>
            </serviceProvider>
        </saml2>
    </modules>
    ....
</authentication>
Thank you in advance for helping with this one.
- Eetu
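
The check below is an added example, not part of the original message and not midPoint code: it decodes a SAMLRequest as sent with the HTTP-POST binding configured above and compares the return (assertion consumer service) URL with the origin users reach through the proxy. It assumes the AuthnRequest carries an AssertionConsumerServiceURL attribute; the function names are hypothetical and the sample request is constructed.

```python
import base64
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

def acs_url_from_post_binding(saml_request_b64: str) -> str:
    """Extract AssertionConsumerServiceURL from an HTTP-POST binding SAMLRequest.

    With HTTP-POST the form field is plain base64 of the XML (no DEFLATE step).
    Intended for a request captured from your own service provider.
    """
    root = ET.fromstring(base64.b64decode(saml_request_b64, validate=True))
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise ValueError(f"not an AuthnRequest: {root.tag}")
    acs = root.get("AssertionConsumerServiceURL")
    if acs is None:
        raise ValueError("AuthnRequest carries no AssertionConsumerServiceURL")
    return acs

def check_acs_url(acs_url: str, public_origin: str) -> list[str]:
    """List mismatches between the ACS URL and the proxy's public origin."""
    got, want = urlsplit(acs_url), urlsplit(public_origin)
    problems = []
    if got.scheme != want.scheme:
        problems.append(f"scheme is {got.scheme!r}, expected {want.scheme!r}")
    if got.hostname != want.hostname or got.port != want.port:
        problems.append(f"host is {got.netloc!r}, expected {want.netloc!r}")
    return problems

def build_sample_request(acs_url: str) -> str:
    """Constructed sample AuthnRequest, base64-encoded as a form field would be."""
    xml = (
        f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" ID="_constructed1" '
        f'Version="2.0" IssueInstant="2023-07-14T10:00:00Z" '
        f'AssertionConsumerServiceURL="{acs_url}"/>'
    )
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    # Return URL as reported in the message above (http behind the TLS proxy).
    reported = "http://midpoint.example.com/midpoint/auth/default/azure_auth/SSO/alias/aad"
    acs = acs_url_from_post_binding(build_sample_request(reported))
    for problem in check_acs_url(acs, "https://midpoint.example.com"):
        print("ACS URL mismatch:", problem)
```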