Problem with SAML2 delegated administration

26 views
Skip to first unread message

Fabio Martelli

unread,
Oct 31, 2018, 4:39:52 AM10/31/18
to CAS Community

Dear All, I have to ask for your help in order to achieve a specific requirement.

I have 2 CAS 5.2 instances  behind a proxy. Unfortunately, this proxy could be referenced with two different names.

No problem in general as you can imagine except for SAML delegated administration: in this case IdP provider URLs seem to be generated by using what has been configured into cas.properties as cas.server.name/cas.server.prefix.

You know, in this specific case assertionConsumerServiceURLs are really important. If this reference is not correct the authentication fails.

Is there a way to achieve this requirement? If I have to override something, could you address me where I have to change the behavior?

Finally, if you think it could be a bug, please let me know if, in case, I have to provide a PR.

Thank you in advance.

Best regards,

F.

-- 
Fabio Martelli
Tel +393204726071
https://it.linkedin.com/pub/fabio-martelli/1/974/a44
http://blog.tirasa.net/author/fabio/index.html

Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net

Misagh Moayyed

unread,
Oct 31, 2018, 3:21:35 PM10/31/18
to CAS Community, fabio.m...@tirasa.net
If you mean the SP metadata, can you not modify that manually with the right URLs to match your proxy?

Fabio Martelli

unread,
Oct 31, 2018, 5:02:31 PM10/31/18
to Misagh Moayyed, CAS Community, fabio.m...@tirasa.net
Hi Misagh, thanks for your reply.
I'm not saying about metadata. That wasn't a problem at all.
AssertionConsumerServiceURL into AuthnRequest is the problem. The fact is that the proxy can be called in two different ways.
Do you have suggestions?
Thank in advance.
Best regards,
F.
--
Inviato dal mio dispositivo Android con K-9 Mail. Perdonate la brevità.
Reply all
Reply to author
Forward
0 new messages