IDP 3 Endpoint error

Peter Schober peter.schober at
Wed May 6 19:09:36 EDT 2015

* NPTabunakawai <nimcee at> [2015-05-07 00:45]:
> Thanks for the reply, yes we have httpd listening on 80 and 443 (also added
> 8443).The generated idp metadata endpoints refer to https://servername
> without any port.

That's fine. Make sure then to have Tomcat listen /only/ on the AJP
port (8009, by default) and only on the loopback interface, and proxy
(via mod_proxy_ajp, like Scott said) everything to that port from the
virtualhosts on ports 443 and 8443 (with special back channel settings
in httpd).

Unless you don't actually need httpd in the mix, that would change
everything, of course.

More information about the users mailing list