On Fri, Jun 17, 2022 at 10:52 AM Timothy A. Dilbert | BMT < [email protected]> wrote:
> Figured it out. > > I was able to switch Tomcat over to SSL, which fixed the SAML issue. > Thanks for posting your solution - I'll just add that that you can usually set your front-end proxy (HAProxy in your case, but Nginx and Apache httpd, as well) to forward the protocol through. This has come up on the mailing list a few times for folks using other proxy software (Nginx, for example). Here was Mike's response to one of those questions: https://lists.apache.org/thread/hvd23yylm3lr9swkqxghvwlro8nlgg95 Basically you need to tell the proxy software to forward through some other items. Based on a couple of searches, it seems like HAProxy achieves this through the "http-request set-header" options, which I would imagine could be used for any/all of the required headers. The following page has some discussion/reference for it - I've not actually tried it, so I can't provide a complete working configuration, but should point in the right direction: https://stackoverflow.com/questions/51928504/x-forwarded-proto-https-in-frontend-or-backend-haproxy -Nick >
