View ProjeQtOr On SourceForge.net
ProjeQtOr - Project Management Tool
Supportez nous sur Capterra
OIN - Open Invention Network
ProjeQtOr free project management software - SAML endpoints problem when projeqtor located behind a reverse proxy - ProjeQtOr

Prochaines Sessions

Les prochaines formations et démonstrations sont ouvertes, inscrivez-vous rapidement !

 

Démonstration de ProjeQtOr

(gratuit, sur inscription)
 

13 mai 2025 (10h30-12h)

5 juin 2025 (16h-17h30)

  
 

Planifiez avec ProjeQtOr

14 et 15 mai 2025 (9h-12h30)

18 et 19 juin 2025 (9h-12h30)

  
 

Administrez avec ProjeQtOr

20 et 21 mai (9h-12h30)

25 et 26 juin (9h-12h30)

  

 

 

SAML endpoints problem when projeqtor located behind a reverse proxy

More
14 Déc 2021 21:31 #1 by vanrar68
SAML endpoints problem when projeqtor located behind a reverse proxy was created by vanrar68
When SAML authentication is enabled Projeqtor tries to automaticaly generate the SAML SP entityid and SAML endpoints URL based on values from the $_SERVER array (getBaseUrl() in model/persitence/SqlElement.php)
Currently this function doesn't check standard variables set by common reverse proxy (eg. X_FORWARDED_PROTO). When the reverse proxy is doing SSL termination (HTTPS between the browser and the reverse proxy, HTTP between the reverse proxy and the Projeqtor server). This is often the case for cloud/kubernetes deployment.
Projeqtor generates SAML endpoints URL with http prefix instead of https prefix. This behaviour generates browser warnings because of the security context switch.

The following solves the problem (in getBaseUrl() in model/persitence/SqlElement.php):
$https=(isset($_SERVER) || (isset($_SERVER) && $_SERVER === 'https'))?'on':'off';

Maybe a configuration setting is better suited

Regards

Please Connexion or Create an account to join the conversation.

More
16 Déc 2021 11:35 #2 by babynus
Replied by babynus on topic SAML endpoints problem when projeqtor located behind a reverse proxy
Hi,

Thnaks for pointing out the issue.
Your proposale is weird and won't work on our Dev environments.
We added possibility to define parameter
if (Parameter::getGlobalParameter('paramHttps')!='') $https=Parameter::getGlobalParameter('paramHttps');
So you just have to add in your parameters.php file
$paramHttps='on';
​​​​​​​Fix will be deployed on V9.4.0
Babynus
Administrator of ProjeQtOr web site

Please Connexion or Create an account to join the conversation.

More
19 Jan 2022 20:51 #3 by vanrar68
Replied by vanrar68 on topic SAML endpoints problem when projeqtor located behind a reverse proxy
Works great on 9.4.2, thanks

Please Connexion or Create an account to join the conversation.

Moderators: babynusprotion
Time to create page: 0.047 seconds

Paramétrages de cookies

×

Cookies fonctionnels

Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.

Session

Veuillez vous connecter pour voir vos activités!

Autres cookies

Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.

Login Form