SSO with multiple Google domains
Peter Schober
peter.schober at univie.ac.at
Mon Jan 19 10:50:23 EST 2015
* Andrew Cheung <acheung at brookfieldres.com> [2015-01-19 16:22]:
>
> I used SAML tracer in firefox to examine the SAML requests, and observed
> that the first SAML request has
>
> AssertionConsumerServiceURL="https://www.google.com/a/dev.mysiteA.ca/acs"
>
> although I am trying to access http://mail.google.com/dev.mysiteB.com
>
> The SAML response has
>
> <saml2p:Response Destination="https://www.google.com/a/dev.mysiteA.ca/acs"
>
> instead of the secondary domain (dev.mysiteB.com) as well.
If the request from Google is incorrect you can't fix it with
Shibboleth configuration. I.e., looks like you'd need to change
something on their end for the requests to be correct/different.
-peter
More information about the users
mailing list