[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Behavior of BARE_URL_ENTITYID



Hi Sampo,
    Thanks for the reply. Yes the REDIR_TO_CONTENT is set to 1. Do you want
me to try it with the value set to "0"? I would really like this to be set,
as I don't want the users to see the big url, and just the one that they
accessed. Like you mentioned, this could be a bug.

Regards,
Karthik


On Wed, Nov 27, 2013 at 6:12 PM, <sampo@xxxxxxxxx> wrote:

> Karthik Sudarshan <ksudarshan@xxxxxxxxxx> said:
> > Hi all,
> >     I'm using the latest compiled mod_auth_saml module, and I have set
> the
> > BARE_URL_ENTITYID=1 configuration to ensure just a URI for the entityId
> > without the o=B query string. This seems to work fine.
> >
> > However, after authentication instead of accessing the resource it just
> > displays the SP metadata.
>
> The Well Known Location method of metadata exchange specifies
> that the entityID is the URL for fetching the metadata. You
> should keep that in mind when choosing the URL you use with
> BARE_URL_ENTITYID.
>
> > For instance, http://hostname/protected/saml is the URL (and the
> entityId)
> > and the protected resource is "/",  if I access
> > http://hostname/index.htmlI'm properly redirected to the IDP selection
> > page and after the
> > authentication on the IDP the url is displayed as
> > http://hostname/index.htmlbut the contents that are rendered are for
> > the
> > http://hostname/protected/saml.
>
> This is curious. Maybe a bug?
>
> "The url is displayed as" refers to the URL you see in the browser URL bar?
>
> Is REDIR_TO_CONTENT still set to 1?
>
> Cheers,
> --Sampo
>
> > If however, I set the BARE_URL_ENTITY_ID=0 and reconfigure the IDP, and
> > redo the same test, it goes through and the index.html is displayed
> > properly.
> >
> > There is no other configuration change on the SP or the IDP side.
> >
> > Can someone let me know if I'm missing any other configuration?
> >
> > Regards,
> > Karthik
> >
> > --
> >
> > ------------------------------
> > <http://www.xtivia.com>  <http://www.virtual-dba.com/> <
> http://www.virtual-dba.com/><http://www.virtual-asa.com/>
> >   <http://www.facebook.com/Xtivia>  <http://twitter.com/#!/xtivia> <
> http://www.linkedin.com/company/xtivia>
> >   <http://blogs.xtivia.com>  <http://www.xtivia.com/resources/webinars>
> > *Xtivia Virtual-Services (DBA/ASA) Customer Support: (800) 205-7537*
> > ------------------------------
> > This e-mail may contain confidential or privileged information. If you
> > believe you have received this e-mail in error, please notify the sender
> by
> > reply e-mail and then delete this e-mail immediately.
> >
> >
>

-- 

------------------------------
<http://www.xtivia.com>  <http://www.virtual-dba.com/> <http://www.virtual-dba.com/><http://www.virtual-asa.com/>
  <http://www.facebook.com/Xtivia>  <http://twitter.com/#!/xtivia> <http://www.linkedin.com/company/xtivia>
  <http://blogs.xtivia.com>  <http://www.xtivia.com/resources/webinars>
*Xtivia Virtual-Services (DBA/ASA) Customer Support: (800) 205-7537*
------------------------------
This e-mail may contain confidential or privileged information. If you 
believe you have received this e-mail in error, please notify the sender by 
reply e-mail and then delete this e-mail immediately.