SAML Infinite Redirects

[Ian Atol]

Hey all,

I've been trying to set up cBioPortal with SAML auth, using Okta as our IDP and nginx as a reverse proxy. Currently, I can get to the IDP login screen, but get infinitely redirected after a successful login. Could some one look over my configuration and help to debug?

portal_props.png shows my portal.properties .The idp.metadata.entityid is from cBioPortal_for_Ucla.xml, which was provided by our IT dept. I have entitybaseurl set to null, as some have suggested to use the --base-proxy-url flag instead.

In docker-compose.yml, I mount samlKeystore and the IDP metadata as volumes, and I also have --Dauthenticate=saml and ---base-proxy-url set to https://<our_fqdn>

Finally, our IDP SAML configuration is shown in idp_saml.png. I also tried https://<our_fqdn>/saml/sso for these URLs, but ran into the same problem.

Thanks,

Ian Atol

[Benjamin Gross]

Hi Ian,

Can you provide a log file from the webservice?  It should be able to provide an indication of what is happening.  Info on how to get logging turned on in the security library can be found here:

https://docs.cbioportal.org/deployment/authorization-and-authentication/authenticating-users-via-saml/#logging

Best,

Benjamin

--
You received this message because you are subscribed to the Google Groups "cBioPortal for Cancer Genomics Discussion Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cbioportal+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cbioportal/cf07f035-4b7f-4d22-b14a-4862e4795e4bn%40googlegroups.com.
<portal_props.png><idp_saml.png>