SAML issue: Status code 200

Hello,

I have recently configure SAML authentication for ShinyProxy, when navigating to the base URL i correctly get redirected to the microsoft login panel where i can authenticate against Azure AD.

However, once the authentication has been complete, it is redirecting back to “www.urlhere.com//saml/SSO” and displaying an error saying status OK.

tempsnip

I have ShinyProxy running in a kubernetes clusters along with NGINX serving as a reverse proxy. I believe the saml configuration in the application.yml file is correct so unsure how to proceeed.

Please see below screenshots of my application.yml and nginx ssl configuration.

Currently troubleshooting the same message here, too (also using nginx as reverse proxy as one service in a composition of services defined in a docker-compose.yml file), so happy to share ideas or approaches with regards to debugging.

Did you attach your application.yml and nginx ssl config to your post? Perhaps by way of a github gist unless this system itself allows adding attachments (haven’t found how to do that myself).

Additional materials that could be useful:

  • log messages from shinyproxy (can you share your log messages?)
  • see this ‘saml_decode.R’ script for displaying what is at the …/saml/SSO, it allows for double-checking what is inside what gets sent to the IdP at some step of the auth sequence.
  • settings from the metadata on the IdP, in particular the md:AssertionConsumerService tag’s Location attribute
  • the settings generated on the shinyproxy side for the metadata (but I’m not sure how to get hold of those, there doesn’t seem to be any shinyproxy API endpoint to query that judging from code here and associated docs, and trying to get to the “saml/metadata” I’m not getting it using curl -L -i -k http://myservername/saml/metadata and I’m not sure it is exposed looking at this
  • are you using useForwardHeaders: true for the server settings in application.yml?
1 Like