SSO login redirect override URL is not working

[gmtime]

ISSUE TYPE

• Bug Report

SUMMARY

After upgrading to 16.0.0, SSO Login redirect override URL is no longer working.

"Settings->System->Miscellaneous System settings->Details" correctly shows "Login redirect override URL" setting (for example: /sso/login/saml/?idp=MYIDP), but editing is not possible and users are no longer automatically redirected.

ENVIRONMENT

• AWX version: 16.0.0
• AWX install method: docker on linux
• Operating System: any
• Web Browser: any

STEPS TO REPRODUCE

1. go to Settings->System->Miscellaneous System settings->Details
2. click on Edit
3. "Login redirect override URL" edit field is missing

EXPECTED RESULTS

1. go to Settings->System->Miscellaneous System settings->Details
2. click on Edit
3. enter data for "Login redirect override URL"
4. users automatically redirected to SSO

ACTUAL RESULTS

1. it's not possible to add/edit SSO override URL ("Login redirect override URL")
2. users are not redirected to SSO

ADDITIONAL INFORMATION

Also, would it be possible, when using SSO, to have SSL (SAML) icon and text dominantly displayed inside the login box? Currently, there is no text and the icon (UserCircleIcon) is too small. For SSO (SAML) users it is difficult to figure out that in order to login one needs to click on that tiny-microscopic-icon.

[ryanpetrello]

@mabashian @jakemcdermott do you have an issue to track adding this support back into the new UI (if not, we can use this one)?

#1886
#5479

[jakemcdermott]

👋 Hello, @gmtime I couldn't reproduce this. I see the redirect override field and can update its value:

I used an admin user on a fresh install. Are there any additional set up steps I should do? If you can still reproduce the bug, would you be able to post a screenshot?

[ryanpetrello]

@jakemcdermott I think they're suggesting that after successful login, the browser is not redirecting to this URL i.e.,

https://github.com/ansible/awx/pull/5479/files#diff-82df1a8c96813927cf31345d61c02a0f7532cd8880d699ee7b23e041afb0259dR388

[gmtime]

Correct, it's not redirecting. Also, I don't seem to be able to edit the redirect URL (see screenshots). There is also a question of having really small SSO icon (hard to find).

[gmtime]

BTW, that's an upgrade from 15.0.1 to 16.0.0 - I did not try with the fresh install.

[gmtime]

Regarding Login and SSO, it would be great it we could customize SSO label and icon (e.g. "MyCompany SSO Users Log In Here")

[gmtime]

@jakemcdermott I think they're suggesting that after successful login, the browser is not redirecting to this URL i.e.,

https://github.com/ansible/awx/pull/5479/files#diff-82df1a8c96813927cf31345d61c02a0f7532cd8880d699ee7b23e041afb0259dR388

@ryanpetrello, @jakemcdermott, just a small correction: it's not that after successful login the browser is not redirecting, it's the login process itself.

Before 16.0.0, with Login Redirect Override URL users were immediately redirected to SSO page to login - now we always get AWX login page. Clicking on SAML icon will execute SSO process correctly and users will login correctly - that works - but transparent SSO login does not work any more.

[mabashian]

This smells like ui-specific issue to me so I'm going to remove the api label.

[balonik]

AWX 17.1.0 has the same issue with Login redirect override URL.

And I have raised another issue for the Login icons #9554

[jakemcdermott]

Additional notes on expected behavior - The auto-redirect should only kick-in when there is exactly one SSO provider configured. If there is more than one then we don't redirect