Allow URLs other than the configured server name for SAML auth.
Review Request #12499 — Created Aug. 4, 2022 and submitted — Latest diff uploaded
The SAML authentication object is initialized with a particular HTTP
host, and will reject any requests that come in with other hostnames.
We've run into a case with a user where they want to use a reverse proxy
for some users that give them a different hostname for the Review Board
server, and while their proxy can rewrite URLs in requests and content,
it's failing to handle the auth because of this. This change adds a step
to allow any hostname which is properly configured in the
ALLOWED_HOSTS
setting to be passed through to the SAML library.
- Ran unit tests.
- Affected user reports that this solves their issue.