I am trying to send the POST request that is sent from Authenticating shibboleth back to my web server, but I am only getting a GET request. When this GET request is proxied to my web server's callback, it only gets a "hello" which we set.
What I am trying to accomplish is to send the post through the proxy and receive it on my callback path and extract the attributes and save them.
This is my architecture that I currently have:
Web -> Shibboleth server (/secure) -> Authenticates to my IDP provider -> Returns with a POST method to /secure then I have here a my reversed proxy to send it to my web server, but only the GET method occurs.
These are the apache logs
[12/Jun/2018:19:40:03 +0000] "GET /secure HTTP/1.1" 302 841 (called to log in)
[12/Jun/2018:19:40:38 +0000] "POST /Shibboleth.sso/SAML2/POST HTTP/1.1" 302 238 (returning from the IdP)
[12/Jun/2018:19:40:38 +0000] "GET /secure HTTP/1.1" 200 5
My reverse proxy configuration:
<Location /secure >
AuthType shibboleth
ShibRequireSession On
ShibRequestSetting applicationId default
ShibUseHeaders On
Require valid-user
</Location>
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests off
ProxyPass /secure https://mywebsite.com/login/callback
ProxyPassReverse /secure https://mywebsite.com/login/callback
ProxyPreserveHost On
Any help would be appreciated it!
I was able to send the headers through a RewriteRule:
RewriteRule /secure https://website.com/login/callback
But I use a Get callback method on the webserver and from there redirect to where I want.