Thank @MrGeneration , shame on me, I was using the wrong endpoint.
However, I still have problems, maybe your or someone else can help me.
I’ve protected /auth/saml, and in fact if I point my browser to such URL I’m redirected to the IdP login page. So far, so good.
I do the login, then the browser is redirect again to /auth/smal and the error:
404: Requested resource was not found
No route matches [GET] /auth/saml
appears. The same 404 errror appears in the nginx logs.
Please note that in the /atuh/saml section of my ngnix I’ve placed:
location /auth/saml/ {
shib_request /shibauthorizer;
shib_request_use_headers on;
more_clear_input_headers 'displayName' 'mail' 'persistent-id';
proxy_read_timeout 300;
proxy_pass http://zammad-railsserver;
}
with zammad-railserver being the upstream, I’m not sure the above is correct:
upstream zammad-railsserver {
server 127.0.0.1:3000;
}
Do I have to specify the upstream server as in the above at the end of the /auth/saml block? Or something else?