From 8782193d94c505f0a80ba2271c3d678cc6d4cad5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johan=20Bj=C3=B6rklund?= Date: Mon, 20 Jan 2025 12:34:06 +0100 Subject: [PATCH] Fixes to get SSO 401 working. --- .../modules/soc/templates/sso/apache-site.conf.erb | 10 ++++++---- .../modules/soc/templates/sso/docker-compose.yml.erb | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb b/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb index 03282ee..1df43d5 100644 --- a/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb +++ b/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb @@ -27,12 +27,14 @@ # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf - Alias /error /var/www/error - + Alias /.ssoerror /var/www/ssoerror + + Satisfy any + Allow from all AuthType None Require all granted - ErrorDocument 401 /error/401.html + ErrorDocument 401 /.ssoerror/401.html AuthType shibboleth @@ -69,7 +71,7 @@ <%- end -%> - ProxyPass "/error" ! + ProxyPass "/.ssoerror" ! ProxyPass "/" "<%= @service_endpoint %>/" ProxyPassReverse "/" "<%= @service_endpoint %>/" UseCanonicalName On diff --git a/global/overlay/etc/puppet/modules/soc/templates/sso/docker-compose.yml.erb b/global/overlay/etc/puppet/modules/soc/templates/sso/docker-compose.yml.erb index c2e770c..9ee8a7c 100644 --- a/global/overlay/etc/puppet/modules/soc/templates/sso/docker-compose.yml.erb +++ b/global/overlay/etc/puppet/modules/soc/templates/sso/docker-compose.yml.erb @@ -23,7 +23,7 @@ services: <% end -%> - ./shibboleth/sp-cert.pem:/etc/shibboleth/sp-cert.pem - ./shibboleth/sp-key.pem:/etc/shibboleth/sp-key.pem - - ./apache/401.html:/var/www/error/401.html:ro + - ./apache/401.html:/var/www/ssoerror/401.html:ro <% if @extra_proxy_conf -%> - <%= @extra_proxy_conf %>:<%= @extra_proxy_conf %> <% end -%>