Multiple SP from same apache-Shibboleth configuration
Peter Schober
peter.schober at univie.ac.at
Wed Apr 2 08:02:13 EDT 2014
* Aravindhan A <apitest4 at gmail.com> [2014-04-02 13:47]:
> But the problem now is , I configured the SP endpoints in the url
> "10.0.0.11/Shibboleth.sso", But i have added another virtual host which is
> accessible in the apache server in the following URL
> "10.0.0.11:4545".
I wouldn't seperate resources based on tcp ports but that's your call.
> So what is i am asking about is , Is there any way to configure both
> these url(10.0.0.11/Authentication and
> 10.0.0.11:4545/Authentication) to use the same SP?
1. Make sure each httpd vistual host has a fully qualified ServerName
directive, e.g. "ServerName http://10.0.0.11:80" for the first one and
"ServerName http://10.0.0.11:4545" for the second.
2. If you want to use the same entityID (same logical SP, as far as
SAML IDPs will be concerned) for both resources the SP's SAML
metadata will need to include protocol endpoints for both virtual
hosts, i.e. you would duplicate any relevant endpoints (possibly
only ACS URLs) to match both virtual hosts/ports.
Either way, but especially if you want seperate entityIDs for each
virtual host (to allow IDPs to differentiate the logocal SPs), have a
look at the documentation:
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApplicationModel
-peter
More information about the users
mailing list