How to overwrite the AssertionConsumerURL in SAML2 request

Jesper jesper.laursen at
Thu Aug 30 01:43:50 EDT 2018

We have a setup with Elastic Load Balancer (AWS) => EC2 instance with IIS
10.0 and Shibboleth SP 2.6.
Our IDP is on Microsoft Azure.
The problem we face is very simple I hope. The public facing DNS is
perfectly routed to the IIS 10.0.
The public address is "" and the EC2 IIS 10.0 instance is
running on "".
The /secure is working when we in the Azure tell that the replyURL is
"" because that is what Sihb SP sends in the SAML2 Request.
In fact all bindings are send as "" and not

There must be a simple hack to this. All the web routing is working - but
the generated SAML2 request from Shib SP contains the host name of IIS and
not the public facing host name.

Thanks for any input.
Have a nice day.

Sent from:

More information about the users mailing list