ARIS Community - We Love BPM

Using SAML behind ReverseProxy

Christian.Heimerl's picture
by Christian Heimerl in Administration & User Management posted on 2018-01-26

Hi,

I have the following problem:

  • My ARIS server is in the Intranet on server intranet.xyz.net . The loadbalancer is configured like this.
  • I need to make ARIS Connect available to the Internet through a reverse proxy in the DMZ named internet.xyz.com using SAML using federation provider fed.xyz.com
  • I configured https://fed.xyz.com/idp/SSO.saml2 as SSO Url and all other required SAML fields in UMC
  • Now the user connects to internet.xyz.com which is given through to the ARIS server intranet.xyz.net (intransparent to the user).
  • The ARIS Server does not know the user and starts the SAML process

Is there a solution to the problem?

608 Views
0 Likes
1 Comments
There are no attachments
Christian Heimerl posted on 2018-01-26

Two additions:

  • We use ARIS 9.8.7
  • A potential could be the use of mod_substitute but I couldn't get it working on the ARIS Apache web server. Uncommenting the LoadModule line and adding the Substitute command (in several variations) did not work (also with a very simple Substitute String). Any ideas on that?