How to overwrite the AssertionConsumerURL in SAML2 request
Jesper
jesper.laursen at lego.com
Tue Sep 4 04:19:47 EDT 2018
Thanks that is understood.
But the key problem is where is this defined:
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
AssertionConsumerServiceURL="https://PRIVATE/Shibboleth.sso/SAML2/POST"
Destination="https://login.microsoftonline.com/1d063515-6cad-4195-9486/saml2"
ID="_63cd096414985bde" IssueInstant="2018-09-04T08:00:40Z"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Version="2.0">
<saml:Issuer
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://PUBLIC/idp/shibboleth
</saml:Issuer><samlp:NameIDPolicy AllowCreate="1"/></samlp:AuthnRequest>
Where can I define what is written in the AssertionConsumerServiceURL?
Because the normal web traffic is working fine back and forth from the Load
balancer and through IIS. The assembled SAML2 request is simply taking the
internal host name and append it with /Shibboleth.sso/SAML2/POST (As defined
in protocols.xml) - but how can I control the host name in IIS.
Sorry if I formulate it wrong - for me it seems like a simple thing I'm
overlooking...
Does the cert / key files (sp-cert/sp-keys) do the trick. Because the point
to the internal host name.
--
Sent from: http://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html
More information about the users
mailing list