SSO redirects to http page(instead of https) post login | Community
Skip to main content
Adilmo
Adilmo
Level 4
November 8, 2017
Solved

SSO redirects to http page(instead of https) post login

  • November 8, 2017
  • 5 replies
  • 5540 views

Hi All,

We are facing a challenge of redirecting to https page post successful saml authentication.

Here is the flow :

1. IDP does successful authentication and redirects to https url  containing (/saml_login).

2. Then the user is redirected to the landing page but this happens on http and not HTTPs.

We tried configuring SSL filter on our publisher but of no use.

Kindly help us.

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by darryla89510198

    If the dispatcher log headers, with the correct value, match your SSL Filter & you get http redirect. I recommend an Adobe DayCare ticket at this point

    5 replies

    D
    darryla89510198
    Level 2
    November 15, 2017

    I've been working on something similar.

    I suspect your SSL is terminating further upstream & your publisher request is incoming as http. Thus, your redirect is sent to http.

      Adilmo
      AdilmoAuthor
      Level 4
      November 16, 2017

      Yeah but how to resolve it .... SSLFilter packaged with AEM does not seem to work. It never gets invoked. It has an awkward pattern to which it is registered.

      ".*"

      While other filters are registered with "/.*"

      Also I noticed that the filter does not come with a service while other filters have service.

      Kindly help.

      D
      darryla89510198
      Level 2
      November 16, 2017

      Check your dispatcher.log file to ensure the headers are being passed through. I had to update my CDN to pass through a custom header. I setup X-Forward-Proto = https

      Once I setup that header, it was showing in dispatcher logs.

      You should see this log line:

      [Thu Nov 16 11:03:45 2017] [D] [pid 42613] Adding request header: X-Forwarded-Proto

      Once this was present, the SSL Filter config picked it up & redirected me back to https

      Adilmo
      AdilmoAuthor
      Level 4
      November 20, 2017

      Hi,

      Filter is configured successfully

      I can see headers also present in the logs

      but still I redirect to http.

      D
      darryla89510198Accepted solution
      Level 2
      November 20, 2017

      If the dispatcher log headers, with the correct value, match your SSL Filter & you get http redirect. I recommend an Adobe DayCare ticket at this point

      Terms & ConditionsAccessibility statement

      Loading footer...