Multiple URL's for one application

Cantor, Scott cantor.2 at
Fri Jan 20 17:11:24 GMT 2012

On 1/20/12 11:35 AM, "Jonathan Knight" <j.knight at> wrote:

>However, the is actually fed through a load
>balancer and is actually being answered by 5 different boxes.
> as well as

That doesn't matter. What matters is what each web server thinks its name
is for each request, as it expects the client to see them. If you want the
URL to be fixed to that hostname, then each server must be virtualized to
use that name.

>If the IdP ever tried to contact then its unlikely
>it would even be talking to the same box that the user was trying to log
>in to.  Assuming the IdP doesn't maintain cookies there's every
>possibility that if it makes multiple requests, they would be answered
>by different boxes.

Then you need to fix the virtualization to reflect that. You claimed not
to be doing virtual hosts, but that's exactly what a virtual host is,
something whose physical and logical properties don't match.

>What I'd like to achieve is for the IdP to always be given the
> name so it knows which of the 5 boxes called it,
>but the end user still sees the name in their URL's
>so they don't know which box they're talking to.

The IdP isn't talking to the box at all, the client is. If you want the
client to talk to "students", then all requests, redirects, and SAML
endpoints need to be in those terms, and every back end server must be
virtualized to use that hostname.

-- Scott

More information about the users mailing list