Specify the SingleSignOnService HTTP-Redirect URL to use?
Terry Fleury
tfleury at illinois.edu
Thu Feb 7 12:17:52 EST 2013
Hello,
I have a very specific feature request that I'm not sure is available or
not.
Our SP needs to connect to an IdP which has multiple SingleSignOnService
endpoints of type "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
and we need to connect to the second one configured in the metadata.
Example in the metadata.xml file:
<SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="https://site1.example.com/sso"/>
<SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="https://site2.example.com/sso"/>
By default, site1.example.com is utilized since it appears first in the
metadata. The only way I could figure out to use site2.example.com was
to delete site1.example.com from the metadata. This is not a viable
solution for the InCommon metadata file.
So my questions are:
(1) Is it possible for the SP to specify to connect to
site2.example.com, either programatically (e.g., by using
SessionInitiator creation parameters) or via configuration?
(2) If not (1), would this be something that could easily be
implemented? If so, I would be happy to submit a feature request.
Thanks for the help!
Terry Fleury
tfleury at illinois.edu
More information about the users
mailing list