Adding SSL info for SimpleSAMLphp configuration. (#1542)

acquia · May 30, 2017 · ec2ec0e · ec2ec0e
1 parent 49e541e
commit ec2ec0e
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/readme/simplesamlphp-setup.md b/readme/simplesamlphp-setup.md
@@ -58,6 +58,20 @@ Request the remote IdP metadata (XML) from the customer. Note that each environm
 
               $config['admin.protectindexpage'] = TRUE;
               $config['admin.protectmetadata'] = TRUE;
+      1. Optionally set the following values to prevent Varnish from interfering with SimpleSAMLphp.
+
+       // Prevent Varnish from interfering with SimpleSAMLphp.
+       // SSL terminated at the ELB/balancer so we correctly set the SERVER_PORT
+       // and HTTPS for SimpleSAMLphp baseurl configuration.
+       $protocol = 'http://';
+       $port = ':80';
+       if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
+         $_SERVER['SERVER_PORT'] = 443;
+         $_SERVER['HTTPS'] = 'true';
+         $protocol = 'https://';
+         $port = ':' . $_SERVER['SERVER_PORT'];
+       }
+       $config['baseurlpath'] = $protocol . $_SERVER['HTTP_HOST'] . $port . '/simplesaml/';
 
 1. Configure IdP Remote Metadata.
 
@@ -124,3 +138,4 @@ Repeat the following steps for each environment that requires SAML authenticatio
 * [SAML Chrome Panel](https://chrome.google.com/webstore/detail/saml-chrome-panel/paijfdbeoenhembfhkhllainmocckace) extends the Chrome Developer Tools, adding support for SAML Requests and Responses to be displayed in the Developer Tools window.
 
 * [SAML tracer](https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/) for Firefox is a tool for viewing SAML messages sent through the browser during single sign-on and single logout.
+