[Unity-idm-discuss] Support for multiple SAML assertion consumer service endpoints for a single SAM

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hello Krzysztof,

does unity (we are still on version 1.9.6) support multiple assertion
consumer (ACS) endpoints (with different hostnames) for a single SAML SP?

We have integrated a SAML SP with a separate ACS for each application
they host via that SP, as described in the shibboleth documentation [1]
under 'Applications'. See the attached metadata for an example.

None of these locations seems to work and throw a
"eu.unicore.samly2.exceptions.SAMLRequesterException:
AssertionConsumerServiceURL in request
(https://registries.clarin-dariah.eu/Shibboleth.sso/SAML2/POST) is not
among trusted endpoints of the issuer." error.

There is no information in the unity log file (log level = DEBUG)
indicating any issue with this SP
(entityID="https://clarin.oeaw.ac.at/shibboleth").

Any help to fix this issue is greatly appreciated. Please let me know if
you need more information.

Best,

Willem

[1]
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApplicationModel

-- 
Willem Elbers
CLARIN ERIC
www.clarin.eu | tel: +31-(0)85-0091277 | skype: wjm.elbers

[Unity-idm-discuss] Support for multiple SAML assertion consumer service endpoints for a single SAM

Identity management and federations integration

[Unity-idm-discuss] Support for multiple SAML assertion consumer service endpoints for a single SAML SP