SP configuration issue

Cantor, Scott cantor.2 at osu.edu
Fri May 31 12:31:25 EDT 2013

> I am trying to protect https://app.host.com/sub  and have a load balancer
> that is directing traffic for https://app.host.com/sub to a different
> server then where app.host.com is getting served from.

Where is the SP though? If it's on the front-end, then you still don't need to move the handler location down into /sub. You can, but I really don't suggest it unless you plan to make use of app overrides later. You're using them now, but there isn't a clear indication as to why from your message, so you may not need all this complexity.

> When I do wget for the metadata via localhost on the terminal I am able to
> grab the metadata just fine. Although in the metadata is listing all the
> locations as https://app.host.com/Shibboleth.sso/ not
> https://app.host.com/app/Shibboleth.sso/

There metadata cannot and should not be used directly, and there are many reasons why. But in the specific case here, if you access /Shibboleth.sso/Metadata, that is certainly what it will return. If you access /sub/Shibboleth.sso/Metadata, the endpoints will be different.

-- Scott

More information about the users mailing list