HTTPS SP and HTTP IDP
Cantor, Scott
cantor.2 at osu.edu
Thu Mar 28 10:35:28 EDT 2013
On 3/28/13 6:40 AM, "jerome lebegue" <jerome.lebegue at gmail.com> wrote:
>
>The issue I run into is that, as soon as I point to the link
>https://sp.example.com I am redirected to https://idp.internal.com and
>not the http://idp.internal.com I am expecting ...
Either the metadata is wrong, or your network of systems is modifying or
redirecting the requests. Trace the traffic and you can find out which.
>Does SP and IDP access schemes have to be the same ?
No, but you absolutely should not be using SAML over http, particular at
the IdP end. Using a load balancer is not a justification for doing that
and you should make it a priority to fix it.
-- Scott
More information about the users
mailing list