Skip to Content.
Sympa Menu

mace-opensaml-users - RE: [OpenSAML] SAML and load balancing

Subject: OpenSAML user discussion

List archive

RE: [OpenSAML] SAML and load balancing


Chronological Thread 
  • From: "Scott Cantor" <>
  • To: <>
  • Subject: RE: [OpenSAML] SAML and load balancing
  • Date: Sun, 28 Sep 2008 13:54:19 -0400
  • Organization: The Ohio State University

> Redirects are translated by reverse proxies, at least in every reverse
> proxy setup I encountered so far. (But I'm still young :-)

In that situation your hack is the appropriate one. If we defined a separate
interface to supply that information, it would make extra work for everybody
else using the library.

> I'm not sure you can change the scheme and port number. A quick look
> at the Tomcat doc for the Host element does not show an attribute to
> configure scheme or port number.

Try the Connector element.

> That assumption does not hold in all environments (imho). As we want
> our application to run in as many environments (good and badly
> designed ones) without fighting our way through the network and system
> operations departements, we need to be able to configure parameters
> like SAML target from within the application. I believe this to be
> genuine use case.

I can't speak for Chad, but supporting badly designed environments and
coddling sysadmins is not only a non-goal, but an anti-goal. If I make life
hard for a lazy sysadmin, I count it a good day.

-- Scott





Archive powered by MHonArc 2.6.16.

Top of Page