Question

FME Distributed Setup | SAML Login Redirect Issue

  • 19 August 2022
  • 5 replies

We have set up an FME Server with App Gateway as the load balancer. App Gateway (App Gateway IP) is mapped to Azure Front Door. The Azure Front Door URL is mapped to the public DNS. When a user logs in using SAML credentials (IdP: Azure Active Directory), the login is successful, but it redirects the application to the Application Gateway URL rather than the public URL (which is mapped to Azure Front Door).


5 replies

Hi @deepakb,

On our Marketplace offerings what we do is pass the FQDN of the Public IP into the FME Server installers so that the redirect uses the public URL. I can see there may be an advantage in having the URL for this web app be editable in the UI like other Services, and I'll make an enhancement for that, but for now, my recommended approach would be to re-install FME Server using the Azure Front Door as the installation name.

Thanks for the update, Richard! Is there any way I can modify the configuration in the Core server? I have tried updating the variable "FME_SERVER_WEB_URL" in fmeServerConfig.txt as directed in the HTTPS setting. Refer to step 5(b) under Using a PFX or P12 Certificate: Configuring for HTTPS (safe.com)

Regarding your comment around using the Front Door URL during deployment, we are using the distributed deployment model and the only option I can see under networking is to specify a public IP or specify None. I don't see a way to define the Azure Front Door FQDN during deployment. See attached screenshot for your reference.

FME-DistributedConfig-FQDN

Hi @deepakb,

Changing the FME_SERVER_WEB_URL may be a good place to start to confirm the issue. While changing this manually will probably work for the existing core machine, any machine that starts up newly from the scale set will still have the old setting. Setting this may isolate the issue. If that is the case, then the only way to change this for a Marketplace deployment for good is to get the ARM template and modify the externalhostname parameter.

Hi @richardatsafe, I have already tried it and it worked if I log in with admin/admin credentials. If I try to log in with SAML, the browser redirects the user to the App Gateway URL (which is a public IP FQDN) and not the public FQDN (which is mapped to the Azure Front Door URL). Note: FME_SERVER_WEB_URL is set to the public FQDN.

Thanks

Deepak

Update: @deepakb found the fix. Under the App Gateway configuration, you will have to overwrite the host header to the FQDN name. The default is set to pick up the domain name from the backend, which actually picks the App Gateway public IP URL.

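A check for verifying the fix described in the thread, added here as an example and not code from Safe Software or the posters: it inspects a `Location` header captured during SAML login and reports when the redirect, or the `AssertionConsumerServiceURL` inside a `SAMLRequest`, names a host other than the public FQDN. The host names, the IdP URL, the `/saml/acs` path, and the premise that the service provider builds its ACS URL from the Host header it receives are assumptions, not details from the thread.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

MAX_XML = 64 * 1024  # cap on the inflated AuthnRequest size


def acs_url_from_saml_request(value):
    """Decode an HTTP-Redirect binding SAMLRequest (base64 + raw DEFLATE)
    and return its AssertionConsumerServiceURL attribute, or None."""
    inflater = zlib.decompressobj(-15)
    xml = inflater.decompress(base64.b64decode(value), MAX_XML)
    if inflater.unconsumed_tail:
        raise ValueError("AuthnRequest larger than MAX_XML")
    # Parse only traffic you captured yourself; use a hardened parser otherwise.
    return ET.fromstring(xml).get("AssertionConsumerServiceURL")


def check_redirect(location, public_host):
    """Return findings for one Location header seen during SAML login."""
    url = urlsplit(location)
    saml = parse_qs(url.query).get("SAMLRequest")
    if saml:  # redirect to the IdP: the ACS URL is where the user comes back
        acs = acs_url_from_saml_request(saml[0])
        if acs is None:
            return ["no ACS URL in request; the IdP's registered reply URL applies"]
        host = urlsplit(acs).hostname
        return [] if host == public_host else [f"ACS URL points at {host}"]
    if url.hostname not in (None, public_host):  # None = relative redirect
        return [f"redirect points at {url.hostname}"]
    return []


def sample_idp_redirect(sp_host):
    """Constructed sample: the redirect an SP would send if it built its
    ACS URL from the Host header it received (hosts and path are made up)."""
    xml = ('<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'ID="_constructed" Version="2.0" '
           f'AssertionConsumerServiceURL="https://{sp_host}/saml/acs"/>')
    deflater = zlib.compressobj(wbits=-15)
    blob = deflater.compress(xml.encode()) + deflater.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(blob).decode()})
    return "https://idp.example.org/saml2?" + query


if __name__ == "__main__":
    for host in ("appgw.example.net", "fme.example.com"):
        print(host, check_redirect(sample_idp_redirect(host), "fme.example.com"))
```

Feed it the `Location` values from a browser network trace taken before and after changing the App Gateway host header setting; an empty list on every hop means the login flow stays on the public FQDN.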