We are looking at implementing Caddy in place of IIS for a reverse proxy.
We currently have 2 sites on the reverse proxy, and as they sit they work fine.
However, we need to add federation to one of the sites, and when we do that it fails to work properly.
We have found that the problem with IIS is that when the site gets the federation request and sends it out through the reverse proxy, the URL is being translated so that it never reaches the destination.
A user goes to site aaa, which is behind a reverse proxy, so it translates aaa to aaa.local and sends the request along. aaa.local asks for creds and the user states they are email@example.com. aaa.local sees that contoso.com is federated and needs to go to login.microsoftonline.com/saml2, and redirects the login to that location. On the way out, the reverse proxy sees this and translates the request to aaa.com/saml2.
We know the setting in IIS that is causing this, and if we disable it then the authentication works. However, once the authentication is complete, the reverse proxy does not translate the other packets and tries to redirect the final destination to aaa.local, which obviously is not good either.
Has anyone set up Caddy in a situation like this, and does it work as expected?
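The two failures described in the post come down to one rule for the `Location` response header: rewrite it only when its host is the internal backend, and pass every other redirect through untouched. The following is an added example, not part of the original post and not IIS or Caddy code; the function names, the `https` public scheme and the sample URLs are assumptions built from the `aaa.local` / `aaa.com` names in the post.

```python
from urllib.parse import urlsplit, urlunsplit

# Assumed values for illustration; the post only names aaa.local and aaa.com.
INTERNAL_HOST = "aaa.local"  # backend name behind the proxy
PUBLIC_HOST = "aaa.com"      # name the user's browser knows
PUBLIC_SCHEME = "https"      # assumption: the proxy terminates TLS


def rewrite_location(location: str) -> str:
    """Return the Location value the proxy should hand back to the browser."""
    parts = urlsplit(location)
    # Relative redirects ("/home") carry no host; the browser resolves them
    # against the public URL it already has, so leave them alone.
    if not parts.netloc:
        return location
    # Compare the parsed hostname exactly. A substring or prefix match would
    # also hit "aaa.local.example.net" or a return URL inside a query string.
    if (parts.hostname or "").lower() != INTERNAL_HOST:
        return location  # external target, e.g. the federation IdP
    # Internal self-redirect: swap in the public name and drop the backend port.
    return urlunsplit(
        (PUBLIC_SCHEME, PUBLIC_HOST, parts.path, parts.query, parts.fragment)
    )


def rewrite_response_headers(headers: dict) -> dict:
    """Apply the rule to a response header map (a plain dict, not a proxy API)."""
    return {
        name: rewrite_location(value) if name.lower() == "location" else value
        for name, value in headers.items()
    }


# Constructed sample redirects covering both halves of the problem.
SAMPLES = [
    "https://login.microsoftonline.com/saml2?RelayState=http%3A%2F%2Faaa.local%2F",
    "http://aaa.local:8080/app/home?x=1",
    "http://aaa.local.example.net/x",
    "/saml2/acs",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{url}\n  -> {rewrite_location(url)}")
```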