shibboleth-dev - RE: IDP Redirection from SSO profile to Authn Handler
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: IDP Redirection from SSO profile to Authn Handler
- Date: Fri, 1 Feb 2008 16:02:25 -0500
- Organization: The Ohio State University
> Anyway, it's a strange bug that confused me until I realized my machine
was
> configured to use my real hostname (which may or may not be considered
> incorrect), but within the federation, I am strictly using CNAME based
> hostnames for the sake of shorter and more meaningful domain names. In
this
> case, it broke the functionality and I had to change the name of my
computer
> locally.
I would think that there's a requirement, just as with Apache ServerName, to
properly configure Tomcat to provide the right hostname to any servlets. It
shouldn't (and in fact cannot) be dependent on the machine's name.
If for some reason that's not possible, then just as with the SP and IIS, a
substitute mechanism to provide the canonical name would be needed.
Also, relative redirects are not legal:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30
-- Scott
- IDP Redirection from SSO profile to Authn Handler, Jeff.Krug, 02/01/2008
- RE: IDP Redirection from SSO profile to Authn Handler, Scott Cantor, 02/01/2008
- RE: IDP Redirection from SSO profile to Authn Handler, Jeff.Krug, 02/01/2008
- RE: IDP Redirection from SSO profile to Authn Handler, Scott Cantor, 02/01/2008
Archive powered by MHonArc 2.6.16.