Trying to setup a local environment with the authn MFE to make changes to the frontend. SAML login doesn’t work though, failing with the following error message:
Authentication failed: SAML login failed: ['invalid_response'] (The response was received at http://local.overhang.io/auth/complete/tpa-saml/ instead of http://local.overhang.io:8000/auth/complete/tpa-saml/)
The SAML Request has the URL set correctly:
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ... AssertionConsumerServiceURL="http://local.overhang.io:8000/auth/complete/tpa-saml/"
Also the SAML Response has the destination set correctly (thats also the redirect URL):
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="http://local.overhang.io:8000/auth/complete/tpa-saml/"
I guess SAML expects the response to either be received at 80 (ENABLE_SSL false) or 443 (ENABLE_SSL true) and doesn’t consider the fact that the local dev instance runs at port 8000.