IDP doesn't work on the .org domain #3

Closed
opened 2018-02-13 21:05:43 +01:00 by pbsds · 6 comments
pbsds commented 2018-02-13 21:05:43 +01:00 (Migrated from github.com)

I get the error message:

```
Caused by: SimpleSAML_Error_Exception: URL not allowed
```

It would be nice if you logged in on one domain, you'd stay logged in on the other as well
(cross-domain session cookie?)

jornane commented 2018-02-16 13:11:08 +01:00 (Migrated from github.com)

We don't have a certificate for .org, so I'd recommend limiting logging in to the other domain.

pbsds commented 2018-08-19 22:14:28 +02:00 (Migrated from github.com)

I ended up "fixing" this one when taking the site live. All access to .org is forwarded to .ntnu.no by lighttpd. There was an issue with http as well, which was "fixed" by having lighttpd forward the client to https.

jornane commented 2018-08-20 09:39:53 +02:00 (Migrated from github.com)

See the mailing list: you should not automatically forward http to https; stuff breaks.

pbsds commented 2018-08-21 20:30:10 +02:00 (Migrated from github.com)

I've changed the baseurlpath in simplesaml to use https when logging in instead, but I'd like to have the connection elevated to https when logging in, and force the session token to only be sent when the connection is secure, but this should do for now.

pbsds commented 2018-08-22 21:58:23 +02:00 (Migrated from github.com)

I've made the .org domain forward to .ntnu.no when the path doesn't start with /~ (userpages).
The session cookie is only set on the .ntnu.no domain, probably due to the login URL being set to that domain. This seems to have been the old solution on the old setup as well.

jornane commented 2018-08-23 08:41:16 +02:00 (Migrated from github.com)

My previous fix for http/https (mailing list) also fixed the cookie problem, so I removed the redirect.

oysteikt added the bug label 2024-07-28 15:38:45 +02:00