Shibboleth 3.x & Multiple Sites on IIS Server

Bhagwat, Shrikant shrbhagw at
Mon Feb 3 20:57:05 EST 2020

We will be using UMich_Health System Central IDP. 
Users will access Site1 & Site2 (hosted on same IIS Server) by separate URL. So I think "SP Entity ID" will be different. 
We have done single Site IIS Server several times, but doing multiple sites for first time. 

-----Original Message-----
From: users <users-bounces at> On Behalf Of Peter Schober
Sent: Monday, February 3, 2020 3:15 PM
To: users at
Subject: Re: Shibboleth 3.x & Multiple Sites on IIS Server

External Email - Use Caution

* Bhagwat, Shrikant <shrbhagw at> [2020-02-03 21:05]:
> We looked in our case we don't need to use ApplicationOverride 
> element. Both sites site1 & site2 are very much similar.
> I could not figure out how to add second site "site2.lan" in 
> ApplicationDefault Element. Or is it not necessary.

Since AFAICT you state above that you "don't need to use ApplicationOverride element" I think that question is moot?

> I am the IDP Admin as well as SP admin.

OK. I was simply assuming you'd be using UMich's central IDP.

> Also how do I get them separate entityID for each site id I need.

Of the sites are "very much similar" (as you said yourself. above) I wouldn't give them separate entityIDs. Those are only useful if the IDP must differentiate those SPs somehow, usually for differing attribute release or other policies.

If you *know* you must use different entityIDs there's the 'entityIDself' content setting. For use within the RequestMap see:

For Consortium Member technical support, see
To unsubscribe from this list send an email to users-unsubscribe at

Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues 

More information about the users mailing list