I have SAML 2.0 setup for GRC, providing SSO to our ABAP URL's. It works great, validating credentials against ADFS. Now, I want to extend that to cover the Web Dispatcher so we can enable Fiori for GRC.
I found a wiki that says to access the SAML 2.0 configuration application using http(s)://<web dispatcher/proxy host:<web dispatcher/proxy port>, then download the "Metadata" and send that to the Identity Provider. I'm expecting that this will update the trust with the Identity Provider so that the SAML 2.0 response will use the same host name and same port.
I reviewed my metadata.xml. It doesn't have any reference to the Web Dispatcher host name, so I question how the Identity Provider is going to successfully complete RelayState mapping.
Any thoughts or words of wisdom?