Allow URLs other than the configured server name for SAML auth.

Review Request #12499 — Created Aug. 4, 2022 and submitted — Latest diff uploaded

david
Review Board
release-5.0.x
reviewboard

The SAML authentication object is initialized with a particular HTTP
host, and will reject any requests that come in with other hostnames.
We've run into a case with a user where they want to use a reverse proxy
for some users that give them a different hostname for the Review Board
server, and while their proxy can rewrite URLs in requests and content,
it's failing to handle the auth because of this. This change adds a step
to allow any hostname which is properly configured in the
ALLOWED_HOSTS setting to be passed through to the SAML library.

  • Ran unit tests.
  • Affected user reports that this solves their issue.

Commits

Files

Loading...