
SAML and forced SSL


I'm implementing SAML support on my site. I'm using OneLogin's Python SAML Toolkit in my Django app to do this. Everything works fine connecting to both a OneLogin test app and an Azure app when it's on my local machine, either http://127.0.0.1:8000 (completely local) or http://192.168.x.x:800 (local network). As soon as I try this on my staging server, which forces all URLs to https, things fail. IE11 fails to POST any data at all in the identity provider's response, which is weird, and generally I get errors from the Toolkit like so:

The response was received at https://dev.mysite.com:80/saml/connect/ instead of https://dev.mysite.com/saml/connect/

So while things should be configured properly, the IdP winds up trying to POST back to my staging server on port 80, which confuses things. If I set it all up to use port 80 from the start, Chrome freaks out because it doesn't trust https://...:80 as secure. I can't find any docs or SO questions referencing this issue; all I've seen is this note in the OneLogin Python setup instructions:

Important: Ensure that your URLs begin with http, not https.

but there's no explanation as to WHY. I am thoroughly confused.


Solution

  • python-saml supports https or http.

    All you need is to set the values of the request properly; check this demo with the prepare_django_request method ( https://github.com/onelogin/python-saml/blob/master/demo-django/demo/views.py#L18 )
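The mismatch in the question comes from handing the toolkit a request dict that says "https" but still carries the port 80 that Django saw behind the TLS-terminating proxy. The following is an added example, not the toolkit's demo or the asker's code: `self_url_host` reimplements, as an assumption, the rule I understand the toolkit uses to build the URL it compares against the Destination (drop the port only when it is the scheme's default), and the `HTTP_X_FORWARDED_*` names are the usual proxy convention, which your proxy must actually set.

```python
# Added example: proxy-aware request preparation for python-saml in Django.
# self_url_host() mirrors the toolkit's URL-building rule as I understand it
# (an assumption), so the effect of a wrong server_port can be seen offline.


def self_url_host(request_data):
    """Return scheme://host[:port] for the dict python-saml receives."""
    protocol = 'https' if request_data.get('https') == 'on' else 'http'
    port = str(request_data.get('server_port') or '')
    default = {'http': '80', 'https': '443'}[protocol]
    suffix = '' if port in ('', default) else ':' + port
    return '%s://%s%s' % (protocol, request_data['http_host'], suffix)


def prepare_django_request(meta, get_data=None, post_data=None):
    """Build the toolkit's request dict from Django's request.META.

    Behind a proxy, wsgi.url_scheme and SERVER_PORT describe the proxy hop
    (plain HTTP, port 80), not what the browser and the IdP used. Prefer the
    X-Forwarded-* headers; only do this when the proxy overwrites them.
    """
    proto = meta.get('HTTP_X_FORWARDED_PROTO', meta.get('wsgi.url_scheme', 'http'))
    https = 'on' if proto.lower() == 'https' else 'off'
    host = meta.get('HTTP_X_FORWARDED_HOST', meta.get('HTTP_HOST', ''))
    if ':' in host:  # explicit port in the Host header wins (IPv4/hostname only)
        host, port = host.rsplit(':', 1)
    else:
        port = meta.get('HTTP_X_FORWARDED_PORT') or ('443' if https == 'on' else '80')
    return {
        'https': https,
        'http_host': host,
        'script_name': meta.get('PATH_INFO', '/'),
        'server_port': port,
        'get_data': dict(get_data or {}),
        'post_data': dict(post_data or {}),
    }


# Constructed META as a WSGI server behind an HTTPS proxy would present it
# for the staging host in the question.
PROXIED_META = {
    'wsgi.url_scheme': 'http', 'SERVER_PORT': '80',
    'HTTP_HOST': 'dev.mysite.com', 'PATH_INFO': '/saml/connect/',
    'HTTP_X_FORWARDED_PROTO': 'https',
}

# The naive dict (https on, but SERVER_PORT copied verbatim) reproduces the
# "received at https://dev.mysite.com:80/..." complaint from the question.
NAIVE = {'https': 'on', 'http_host': 'dev.mysite.com', 'server_port': '80'}
```

With the proxied META the prepared dict reports port 443, so the toolkit's reconstructed URL matches the Destination the IdP posted to; the local-network case keeps its explicit port.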