Shibboleth - ADFS - AssertionConsumerServiceURL containing IP address of the app server
Losen, Stephen C (scl)
scl at virginia.edu
Fri Oct 4 10:59:00 EDT 2019
Hi Uday,
Looks like you browsed your SP using a URL like https://10.20.30.40/... Try testing with a local /etc/hosts file on your browser machine with this line
10.20.30.40 hello.world.com
and then browse with https://hello.world.com/...
Or maybe the Apache directive "UseCanonicalName On" will help.
Steve Losen
ITS - Enterprise Infrastructure
University of Virginia
scl at virginia.edu<mailto:scl at virginia.edu> 434-924-0640
From: users <users-bounces at shibboleth.net> On Behalf Of uday.chandra.kumar
Sent: Friday, October 4, 2019 4:08 AM
To: users at shibboleth.net
Subject: Shibboleth - ADFS - AssertionConsumerServiceURL containing IP address of the app server
We are using Apache HTTP server, Shibboleth as SP and Azure ADFS being IdP in our ESO setup. Post authentication of user credentials, when I inspected SAML, I found that the value against AssertionConsumerServiceURL in the SAML is 'https://10.20.30.40/Shibboleth.sso/SAML2/POST'. But this should be 'https://hello.world.com/Shibboleth.sso/SAML2/POST', as I have configured the same as reply-URLs in ADFS. NOTE: In my Apache HTTP server's config file, value against 'ServerName' attribute is 'hello.world.com'. Can you please help me understand how to get this working? Thanks
Uday
________________________________
Sent from the Shibboleth - Users mailing list archive<https://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html> at Nabble.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20191004/239a245e/attachment.html>
More information about the users
mailing list