SP configuration for Apache virtual hosts

[Swartzentruber, Jeb A - swart2ja]

Steve,

The IdP returns to https://dev.sp.jmu.edu/Shibboleth.sso/SAML2/POST, which is "Page Not Found" ("POST /Shibboleth.sso/SAML2/POST HTTP/1.1" 404) in the access log. Is the problem that the vhost doesn't recognize <Location /Shibboleth.sso> defined in Apache's shib.conf?

Yes, I currently have UseCanonicalName On. When I turn it off, requests to dev.sp.jmu.edu are redirected to 

Thanks,


Jeb Swartzentruber
Identity and Access Management Application Developer
JMU Information Technology 

  Please do not print this e-mail unless necessary

-----Original Message-----
From: users <users-bounces at shibboleth.net> On Behalf Of Mak, Steve
Sent: Tuesday, 19 May, 2020 12:13
To: Shib Users <users at shibboleth.net>
Subject: Re: SP configuration for Apache virtual hosts

> always returned to https://dev.sp.jmu.edu/Shibboleth.sso/SAML2/POST

Logically this is correct SAML flow behavior. But what happens once the client reaches this URL?
That URL should be receiving the SAML response and if valid will redirect to relayState.

As Scott said, adding a vhost with same entityID should be as simple as adding an ACS to the sp metadata file and that's it. ShibSP will response dynamically to different domain names without any additional configuration, assuming the entityID is the same.


Also, are you using UseCanonical in your apache config?

- Steve




-- 
For Consortium Member technical support, see https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_x_coFAAg&d=DwIGaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=IzgAn3-b9q8g8sAUfXr1EQ&m=lAXaNkAHRyiw1lqhkaWkfdrePFrCeNhrlz0GuN0wHMk&s=8SOImuRK1lV6Kbq-C3LWgx12-E1bSYa1cYVY0y2AnUo&e= 
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net