POST urls for multiple protected applications
Derek Ricciardi
d.ricciardi at gmail.com
Thu Apr 21 18:53:08 UTC 2022
Hello,
I have what I hope is an easy question. I have multiple subdomains that I
want to protect with a single SP instance. One domain/application is
currently working with IdP initiated SSO. My problem is I cannot access the
server variables in the second secured application (and it appears to the
application no session has been created, but I can see it has been in the
logs).
My domains look like
https://site1.example.net
https://site2.example.net
and my SP entity ID is https://site1.example.net/
Currently they’re using
https://site1.example.net/&TARGET=https://site1.example.net/auth/ExternalLogin&ACSIdx=1
<https://secureapplication.mhvfcu.net/&TARGET=https:/chatv2.mhvfcu.net&ACSIdx=1>
in their IdP and SSO is working fine in the first application. I was under
the impression they could use https://site1.example.net/&TARGET=
https://site2.example.net&ACSIdx=1
<https://secureapplication.mhvfcu.net/&TARGET=https:/chatv2.mhvfcu.net&ACSIdx=1>
for
the second application. Everything works, except the application doesn’t
believe it’s authenticated.
How is the application supposed to be specified in this URL? What format
should I be providing to the IdP?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220421/4797420d/attachment.htm>
More information about the users
mailing list