|
Preserve URL header issue in Nginx reverse proxy | ADFS February 29, 2020 05:56AM |
Registered: 4 years ago Posts: 1 |
Hello,
We have configured Nginx reverse proxy on Ubuntu 18.04 for internal application ADFS URL, both instances are located in the same network of AWS cloud.
Redirection to the internal application ADFS ( https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx ) is happening properly when we hit the Nginx reverse proxy URL ( https://rpserver.domain.com ), however, the URL of Nginx reverse proxy gets changed to ADFS URL after the user's authentication. We want to remain the URL of reverse proxy after user authentication.
Current status - Before user's authentication -
https://rpserver.domain.com -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx
Current status - After user's authentication -
https://rpserver.domain.com -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx -> user's authentication -> https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx
Expected requirement - Before / After user's authentication -
https://rpserver.domain.com -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx -> user's authentication -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx
Environment details below -
Nginx RP URL - https://rpserver.domain.com
ADFS URL - https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx
Nginx reverse proxy configuration details below -
server {
listen 80;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/nginx/sites-available/ssl.crt;
ssl_certificate_key /etc/nginx/sites-available/ssl.key;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
server_tokens off;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_read_timeout 3000;
send_timeout 3000;
#charset koi8-r;
ssl on;
ssl_dhparam /etc/nginx/sites-available/dhparam.pem;
server_name rpserver.domain.com;
location / {
root /adfs/ls/idpinitiatedsignon.aspx;
proxy_ssl_session_reuse off;
proxy_ssl_server_name on;
set $my_host "rpserver.domain.com";
#set $server_port "443";
proxy_set_header Host $my_host:$server_port;
proxy_set_header X-Forwarded-Host $my_host:$server_port;
proxy_set_header X-Forwarded-Server $my_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx;
proxy_set_header X-Forwarded-Proto https;
}
}
We would really appreciate your suggestion. Thanks in advance for your response.
Regards,
Elango
We have configured Nginx reverse proxy on Ubuntu 18.04 for internal application ADFS URL, both instances are located in the same network of AWS cloud.
Redirection to the internal application ADFS ( https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx ) is happening properly when we hit the Nginx reverse proxy URL ( https://rpserver.domain.com ), however, the URL of Nginx reverse proxy gets changed to ADFS URL after the user's authentication. We want to remain the URL of reverse proxy after user authentication.
Current status - Before user's authentication -
https://rpserver.domain.com -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx
Current status - After user's authentication -
https://rpserver.domain.com -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx -> user's authentication -> https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx
Expected requirement - Before / After user's authentication -
https://rpserver.domain.com -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx -> user's authentication -> https://rpserver.domain.com/adfs/ls/idpinitiatedsignon.aspx
Environment details below -
Nginx RP URL - https://rpserver.domain.com
ADFS URL - https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx
Nginx reverse proxy configuration details below -
server {
listen 80;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/nginx/sites-available/ssl.crt;
ssl_certificate_key /etc/nginx/sites-available/ssl.key;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
server_tokens off;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_read_timeout 3000;
send_timeout 3000;
#charset koi8-r;
ssl on;
ssl_dhparam /etc/nginx/sites-available/dhparam.pem;
server_name rpserver.domain.com;
location / {
root /adfs/ls/idpinitiatedsignon.aspx;
proxy_ssl_session_reuse off;
proxy_ssl_server_name on;
set $my_host "rpserver.domain.com";
#set $server_port "443";
proxy_set_header Host $my_host:$server_port;
proxy_set_header X-Forwarded-Host $my_host:$server_port;
proxy_set_header X-Forwarded-Server $my_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://ec2instance.domain.com/adfs/ls/idpinitiatedsignon.aspx;
proxy_set_header X-Forwarded-Proto https;
}
}
We would really appreciate your suggestion. Thanks in advance for your response.
Regards,
Elango
Sorry, only registered users may post in this forum.
Online Users
Guests:
284
Record Number of Users:
8
on April 13, 2023
Record Number of Guests:
421
on December 02, 2018
This forum is powered by Phorum.
 |
 |
 |
 |
|