SAML error with https url

Administrator: installation, configuration
#1

Hi Experts,

I am trying to enable SAML in Hue™ 4.1 and have an error. The issue is the connection goes from https to http as the below setup: user–>https://hue.xyz.com:8889 --> LTM --> http://ip-addr:8889 (no SSL enabled in HUE).

The SAML IDP login pages comes up and when trying to login HUE returns error: Bad Request (400) . In the /var/log/hue/runcpserver.log I see below errors. The /saml2/metadata xml shows http not https in the ACS url <md:AssertionConsumerService Binding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” Location=“http://hue.xyz.com:8889/saml2/acs/” index=“1”/>. Before spending much time digging does anyone have any ideas how to resolve??

[17/Dec/2019 09:58:58 -0800] response ERROR https://hue.xyz.com:8889/saml2/acs/ not in [‘http://hue.xyz.com:8889/saml2/acs/’]
[17/Dec/2019 09:58:58 -0800] views WARNING Invalid SAML Assertion received (unknown error).
[17/Dec/2019 09:58:58 -0800] middleware INFO Processing exception: : Traceback (most recent call last):
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/core/handlers/base.py”, line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/transaction.py”, line 371, in inner
return func(*args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/http.py”, line 41, in inner
return func(request, *args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/csrf.py”, line 57, in wrapped_view
return view_func(*args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/views.py”, line 276, in assertion_consumer_service
return fail_acs_response(request, status=400, exc_class=SuspiciousOperation)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/utils.py”, line 85, in fail_acs_response
return failure_function(request, *args, **kwargs)
File “/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/acs_failures.py”, line 22, in exception_failure
raise exc_class
SuspiciousOperation

[17/Dec/2019 09:58:58 -0800] access INFO 10.83.175.203 -anon- - “POST /saml2/acs/ HTTP/1.1” returned in 72ms