ReviewBoard SSO with Azure AD

20 views
Skip to first unread message

Enzo

unread,
Feb 26, 2024, 11:23:58 AMFeb 26
to Review Board Community
Hello!

I was wondering if anyone had more precise instructions on configuring Sign-on with SAML for a web application with Azure AD (Now Entra ID).

I have created an enterprise application and enabled SAML. However, when I try to use "Log in with SAML" on the application, I receive a 502 Bad Gateway error code.

In the Docker-compose logs, I can find the following error:

  • nginx_1        | 172.23.0.6 - - [26/Feb/2024:05:08:57 +0000] "GET /jsi18n/ HTTP/1.1" 304 0 "https://example.com/account/login/?next=/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Edg/121.0.0.0" "125.102.190.34"
  • reviewboard_1  | [2024-02-26 05:08:57 +0000] [2421] [DEBUG] GET /account/sso/saml/login/
  • nginx_1        | 172.23.0.6 - - [26/Feb/2024:05:08:57 +0000] "GET /account/sso/saml/login/?next=/ HTTP/1.1" 302 0 "https://example.com/account/login/?next=/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Edg/121.0.0.0" "125.102.190.34"
  • reviewboard_1  | [2024-02-26 05:08:57 +0000] [2421] [DEBUG] Closing connection.
  • reviewboard_1  | [2024-02-26 05:08:57 +0000] [2421] [DEBUG] GET /health/
  • reviewboard_1  | [2024-02-26 05:08:57 +0000] [2421] [DEBUG] Closing connection.
  • reviewboard_1  | [2024-02-26 05:08:59 +0000] [2309] [DEBUG] POST /account/sso/saml/acs/
  • reviewboard_1  | [2024-02-26 05:08:59 +0000] [20] [ERROR] Worker (pid:2309) was sent code 139!
  • nginx_1        | 2024/02/26 05:08:59 [error] 35#35: *136 upstream prematurely closed connection while reading response header from upstream, client: 172.23.0.6, server: example.com, request: "POST /account/sso/saml/acs/ HTTP/1.1", upstream: "http://172.23.0.5:8080/account/sso/saml/acs/", host: "example.com", referrer: "https://login.microsoftonline.com/"
  • nginx_1        | 172.23.0.6 - - [26/Feb/2024:05:08:59 +0000] "POST /account/sso/saml/acs/ HTTP/1.1" 502 559 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Edg/121.0.0.0" "125.102.190.34"
  • reviewboard_1  | [2024-02-26 05:08:59 +0000] [2437] [INFO] Booting worker with pid: 2437
  • reviewboard_1  | [2024-02-26 05:09:28 +0000] [2421] [DEBUG] GET /health/
  • reviewboard_1  | [2024-02-26 05:09:28 +0000] [2421] [DEBUG] Closing connection.

Regarding authentication settings, I picked these options:

  • Signature algorithm: DSA-SHA1
  • Digest algorithm: SHA1
  • NameID format: Email address
  • Custom email attribute: user.mail
  • Custom first name attribute: user.firstname
  • Custom last name attribute: user.lastname
  • Custom full name attribute: user.fullname

Additionally, I'm using Caddy as a reverse proxy within the same Docker-compose file, which handles HTTPS.

Thanks in advance!

David Trowbridge

unread,
Feb 26, 2024, 11:26:16 AMFeb 26
to revie...@googlegroups.com
Hi,

It looks like your server name is set to "https://example.com" in the Review Board General Settings page. SAML requires the server name to be set correctly to whatever domain your IdP is expecting.

David

--
Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/
Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/
Happy user? Let us know! https://www.reviewboard.org/users/
---
You received this message because you are subscribed to the Google Groups "Review Board Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/864c8860-5174-47b8-86b7-269d2cb7093en%40googlegroups.com.

Enzo

unread,
Mar 4, 2024, 11:04:10 PMMar 4
to Review Board Community
I'm sorry, I didn't saw your reply earlier. I'm gonna try that again later. Thanks
Reply all
Reply to author
Forward
0 new messages