<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Fri, Mar 2, 2018 at 9:13 AM, William Eubank <span dir="ltr"><<a href="mailto:william.eubank@uah.edu" target="_blank">william.eubank@uah.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>I'm trying to figure out how to use the same SP entityID for a host and a vhost.  I've been trying applicaitonoverrides and ACS rules, requestmapping, but haven't had success yet.  Has anyone done this and if so would you be willing to share how?</div><div><br></div><div>I'd like to avoid having to generate a new entity id for each vhost, update the sp metadata, then update the idp metadata.  This is an internal server so I am less worried about security than usual, more about convenience.</div></div></blockquote><div><br></div><div>You don't need a new entity ID, and if you don't care about overrides, you don't need them.  You'll need to add vhost ACS endpoints to your SP metadata, however.  The IdP metadata wouldn't change, but it will, of course, need the updated SP metadata.</div><div><br></div><div>This is discussed here: <a href="https://wiki.shibboleth.net/confluence/display/CONCEPT/MetadataForSP#MetadataForSP-AssertionConsumerServices">https://wiki.shibboleth.net/confluence/display/CONCEPT/MetadataForSP#MetadataForSP-AssertionConsumerServices</a></div><div><br></div><div>If you take the example:</div><div><div class="gmail-line gmail-number24 gmail-index23 gmail-alt1" style="margin:0px;padding:0px 1em 0px 0px;border-radius:0px;background:0px 50% rgb(255,255,255);border:0px;float:none;height:auto;line-height:20px;outline:0px;overflow:visible;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;font-weight:400;font-style:normal;font-size:14px;min-height:inherit;white-space:nowrap;color:rgb(51,51,51);font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-indent:0px;text-transform:none;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)"><</code><code class="gmail-xml gmail-keyword" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-style:normal;font-size:14px;min-height:inherit;font-weight:bold;color:rgb(51,102,153)">md:AssertionConsumerService</code><span> </span><code class="gmail-xml gmail-color1" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(128,128,128)">Location</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">=</code><code class="gmail-xml gmail-string" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">"<a href="https://service.example.org/Shibboleth.sso/SAML2/POST" style="text-decoration:none;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">https://service.example.org/Shibboleth.sso/SAML2/POST"</a></code><span> </span><code class="gmail-xml gmail-color1" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(128,128,128)">index</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">=</code><code class="gmail-xml gmail-string" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">"1"</code></div><div class="gmail-line gmail-number25 gmail-index24 gmail-alt2" style="margin:0px;padding:0px 1em 0px 0px;border-radius:0px;background:0px 50% rgb(255,255,255);border:0px;float:none;height:auto;line-height:20px;outline:0px;overflow:visible;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;font-weight:400;font-style:normal;font-size:14px;min-height:inherit;white-space:nowrap;color:rgb(51,51,51);font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-indent:0px;text-transform:none;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"><code class="gmail-xml gmail-spaces" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit">      </code><code class="gmail-xml gmail-color1" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(128,128,128)">Binding</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">=</code><code class="gmail-xml gmail-string" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">/></code></div>if you had a <a href="http://service2.example.org">service2.example.org</a>, you'd just need a second ACS with location:</div><div><div class="gmail-line gmail-number24 gmail-index23 gmail-alt1" style="margin:0px;padding:0px 1em 0px 0px;border-radius:0px;background:0px 50% rgb(255,255,255);border:0px;float:none;height:auto;line-height:20px;outline:0px;overflow:visible;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;font-weight:400;font-style:normal;font-size:14px;min-height:inherit;white-space:nowrap;color:rgb(51,51,51);font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-indent:0px;text-transform:none;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)"><</code><code class="gmail-xml gmail-keyword" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-style:normal;font-size:14px;min-height:inherit;font-weight:bold;color:rgb(51,102,153)">md:AssertionConsumerService</code><span> </span><code class="gmail-xml gmail-color1" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(128,128,128)">Location</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">=</code><code class="gmail-xml gmail-string" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">"<a href="https://service.example.org/Shibboleth.sso/SAML2/POST" style="text-decoration:none;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">https://service2.example.org/Shibboleth.sso/SAML2/POST"</a></code><span> </span><code class="gmail-xml gmail-color1" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(128,128,128)">index</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">=</code><code class="gmail-xml gmail-string" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">"7"</code></div><div class="gmail-line gmail-number25 gmail-index24 gmail-alt2" style="margin:0px;padding:0px 1em 0px 0px;border-radius:0px;background:0px 50% rgb(255,255,255);border:0px;float:none;height:auto;line-height:20px;outline:0px;overflow:visible;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;font-weight:400;font-style:normal;font-size:14px;min-height:inherit;white-space:nowrap;color:rgb(51,51,51);font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-indent:0px;text-transform:none;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"><code class="gmail-xml gmail-spaces" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit">      </code><code class="gmail-xml gmail-color1" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(128,128,128)">Binding</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">=</code><code class="gmail-xml gmail-string" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,51,102)">"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"</code><code class="gmail-xml gmail-plain" style="font-family:Consolas,"Bitstream Vera Sans Mono","Courier New",Courier,monospace;border-radius:0px;background:0px 50%;border:0px;float:none;height:auto;line-height:20px;margin:0px;outline:0px;overflow:visible;padding:0px;text-align:left;vertical-align:baseline;width:auto;box-sizing:content-box;font-weight:normal;font-style:normal;font-size:14px;min-height:inherit;color:rgb(0,0,0)">/></code></div><br></div><div><br></div><div>Greg </div></div></div></div>