我正在尝试在Hue™4.1中启用SAML并出现错误。问题在于,按照以下设置,连接从https到http:user–>https://hue.xyz.com:8889 --> LTM loadbalancer --> http://ip-addr:8889 (no SSL enabled in HUE)
。
SAML IDP登录页面出现,当尝试登录HUE时返回错误:错误请求(400)。在/var/log/hue/runcpserver.log中,我看到以下错误。 / saml2 / metadata xml在ACS URL <md:AssertionConsumerService Binding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” Location=“http://hue.xyz.com:8889/saml2/acs/” index=“1”/>
中显示http not https。有什么想法吗?
[17/Dec/2019 09:58:58 -0800] response ERROR https://hue.xyz.com:8889/saml2/acs/ not in [‘http://hue.xyz.com:8889/saml2/acs/’]
[17/Dec/2019 09:58:58 -0800] views WARNING Invalid SAML Assertion received (unknown error).
[17/Dec/2019 09:58:58 -0800] middleware INFO Processing exception: : Traceback (most recent call last):
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/core/handlers/base.py”, line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/transaction.py”, line 371, in inner
return func(*args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/http.py”, line 41, in inner
return func(request, *args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/csrf.py”, line 57, in wrapped_view
return view_func(*args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/views.py”, line 276, in assertion_consumer_service
return fail_acs_response(request, status=400, exc_class=SuspiciousOperation)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/utils.py”, line 85, in fail_acs_response
return failure_function(request, *args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/acs_failures.py”, line 22, in exception_failure
raise exc_class
SuspiciousOperation
[17/Dec/2019 09:58:58 -0800] access INFO 10.83.175.203 -anon- - “POST /saml2/acs/ HTTP/1.1” returned in 72ms
base_url=https://hue.xyz.com:8889