英文:
How to configure grails-spring-security-saml plugin version 5.0.0-RC3 for https applications
问题
我正在将我的Grails4应用程序升级到Grails5,并尝试将grails-spring-security-saml插件从版本4.0.2升级到版本5.0.0-RC3。
我正在使用Okta作为我的身份提供者,如果我的应用程序是http,我可以成功进行身份验证。如果我的应用程序是https(在反向代理后面),则Okta的响应被拒绝,因为受众等不匹配(http与https)。
我相信在早期版本(4.0.2)中,通过替换以下内容,我已经使其正常工作:
contextProvider(SAMLContextProviderImpl)
替换为:
contextProvider(SAMLContextProviderLB) {
scheme = conf.saml.scheme
serverName = conf.saml.serverName
serverPort = conf.saml.serverPort
contextPath = conf.saml.contextPath
includeServerPortInRequestURL = conf.saml.includeServerPortInRequestURL
}
我不确定对于这个版本需要做什么。
英文:
I am upgrading my Grails4 application to Grails5 and am trying to upgrade the grails-spring-security-saml plugin from version 4.0.2 to version 5.0.0-RC3.
I am using Okta as my identity provider and if my app is http, I can successfully authenticate. If my app is https (behind a reverse proxy), the Okta response is denied because the audience, etc, doesn't match (http vs https).
I believe I got this working on the earlier (4.0.2) version by replacing
contextProvider(SAMLContextProviderImpl)
with
contextProvider(SAMLContextProviderLB) {
scheme = conf.saml.scheme
serverName = conf.saml.serverName
serverPort = conf.saml.serverPort
contextPath = conf.saml.contextPath
includeServerPortInRequestURL = conf.saml.includeServerPortInRequestURL
}
I am unsure of what needs to be done for this version.
答案1
得分: 0
我通过两个步骤解决了这个问题:
- 在application.groovy中添加以下内容:server.forwardHeadersStrategy = "framework"
- 在我的tomcat/server.xml文件中,我在Connector端口配置中添加了以下内容:scheme="https"
英文:
I solved this by doing two things:
- added the following to application.groovy: server.forwardHeadersStrategy = "framework"
- in my tomcat/server.xml file I added the following to the Connector port configuration: scheme="https"
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论