I have searched the archives, and I believe I know what is
happening, but I
am asking for some confirmation on my suspicions.
We recently put our IDPs behind a pair of ACE 30 load balancers. We
doing SSL offloading on ports 443 and 8443. We have had some users
that they can no longer get to the sites they could before.
The site in question is using SAML1 to communicate to our IDP, so
if I understand
things correctly, that would be on port 8443. Since we are
"terminating" the request
at the load balancer, the IDP is basically "rejecting" the request,
and the attributes are
not released to the SP.
Would the solution to this problem be to simply turn off the SSL
offloading on port
8443 on the load balancer?
Thank you taking the time to read this email.
ITS Identity and Access Management
University Of Michigan
Put your hand on a hot stove for a minute, and it seems like an hour.
Sit with a pretty girl for an hour, and it seems like a minute. That's Relativity.
- Albert Einstein