Multiple URLs for one application
Jonathan Knight
j.knight at isc.keele.ac.uk
Fri Jan 20 16:35:12 GMT 2012
On 20/01/2012 15:01, Cantor, Scott wrote:
> All of your endpoints need to be in metadata. You apparently omitted some
> in whatever process you follow to register your metadata with the IdP(s)
> involved.
That's the bit that confuses me.
If I have a URL of http://owen.vle.keele.ac.uk/ that also answers
http://students.keele.ac.uk/ then it makes sense to register both with
the IdP.
However, the http://students.keele.ac.uk/ is actually fed through a load
balancer and is actually being answered by 5 different boxes:
count.vle.keele.ac.uk, oscar.vle.keele.ac.uk, bert.vle.keele.ac.uk,
grover.vle.keele.ac.uk as well as owen.vle.keele.ac.uk.
If the IdP ever tried to contact students.keele.ac.uk then it's unlikely
it would even be talking to the same box that the user was trying to log
in to. Assuming the IdP doesn't maintain cookies there's every
possibility that if it makes multiple requests, they would be answered
by different boxes.
So I was working on the plan that regardless of what URL was used to
access owen.vle.keele.ac.uk the key to making it work was for owen to
call the IdP using owen.vle.keele.ac.uk and hide the fact that the user
has used students.keele.ac.uk.
The simplest means of doing that is to turn on the canonical name in
Apache, however that also changes the URL for the user so they then see
the owen.vle.keele.ac.uk name and the fail over in the load balancer
will no longer work.
What I'd like to achieve is for the IdP to always be given the
owen.vle.keele.ac.uk name so it knows which of the 5 boxes called it,
but the end user still sees the students.keele.ac.uk name in their URLs
so they don't know which box they're talking to.
Jon.
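
The quoted reply says every endpoint must be in metadata. As an added example (not part of the original thread, and not Shibboleth's own code), this sketch checks which hostnames from the post are missing an AssertionConsumerService entry in SP metadata. The metadata, the entityID and the `/Shibboleth.sso/SAML2/POST` handler path are constructed assumptions, as is the exact-match comparison.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
ACS_PATH = "/Shibboleth.sso/SAML2/POST"  # assumed handler path

# Constructed SP metadata: only the per-box name is registered.
SP_METADATA = f"""
<EntityDescriptor xmlns="{MD}" entityID="https://sp.example.org/shibboleth">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <AssertionConsumerService index="1" Binding="{POST}"
        Location="http://owen.vle.keele.ac.uk{ACS_PATH}"/>
  </SPSSODescriptor>
</EntityDescriptor>
"""

def registered_acs(metadata_xml):
    """Return the set of (binding, location) pairs registered for the SP."""
    root = ET.fromstring(metadata_xml)
    tag = f"{{{MD}}}AssertionConsumerService"
    return {(e.get("Binding"), e.get("Location")) for e in root.iter(tag)}

def acs_allowed(metadata_xml, binding, acs_url):
    """Exact-match check: the response endpoint must be listed in metadata."""
    return (binding, acs_url) in registered_acs(metadata_xml)

def missing_hosts(metadata_xml, base_urls, binding=POST, path=ACS_PATH):
    """List the base URLs users may arrive on that have no registered ACS."""
    return [b for b in base_urls if not acs_allowed(metadata_xml, binding, b + path)]

def add_acs(metadata_xml, binding, location):
    """Return metadata with one more AssertionConsumerService registered."""
    ET.register_namespace("", MD)
    root = ET.fromstring(metadata_xml)
    sp = root.find(f"{{{MD}}}SPSSODescriptor")
    index = str(len(sp.findall(f"{{{MD}}}AssertionConsumerService")) + 1)
    ET.SubElement(sp, f"{{{MD}}}AssertionConsumerService",
                  {"index": index, "Binding": binding, "Location": location})
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    urls = ["http://owen.vle.keele.ac.uk", "http://students.keele.ac.uk"]
    print("missing:", missing_hosts(SP_METADATA, urls))
    fixed = add_acs(SP_METADATA, POST, urls[1] + ACS_PATH)
    print("missing after update:", missing_hosts(fixed, urls))
```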