Allow URLs other than the configured server name for SAML auth.

Review Request #12499 — Created Aug. 4, 2022 and submitted

david
Review Board
release-5.0.x
reviewboard

The SAML authentication object is initialized with a particular HTTP
host, and will reject any requests that come in with other hostnames.
We've run into a case with a user where they want to use a reverse proxy
for some users that give them a different hostname for the Review Board
server, and while their proxy can rewrite URLs in requests and content,
it's failing to handle the auth because of this. This change adds a step
to allow any hostname which is properly configured in the
ALLOWED_HOSTS setting to be passed through to the SAML library.

  • Ran unit tests.
  • Affected user reports that this solves their issue.
Summary
Allow URLs other than the configured server name for SAML auth.
chipx86
  1. Ship It!
  2. 
      
david
Review request changed

Status: Closed (submitted)

Change Summary:

Pushed to release-5.0.x (c4720f4)
Loading...