Skip to Content
0
Jul 20, 2016 at 05:15 PM

Extending SAML 2.0 to Web Dispatcher

2924 Views

I have SAML 2.0 setup for GRC, providing SSO to our ABAP URL's. It works great, validating credentials against ADFS. Now, I want to extend that to cover the Web Dispatcher so we can enable Fiori for GRC.

I found a wiki that says to access the SAML 2.0 configuration application using http(s)://<web dispatcher/proxy host:<web dispatcher/proxy port>, then download the "Metadata" and send that to the Identity Provider. I'm expecting that this will update the trust with the Identity Provider so that the SAML 2.0 response will use the same host name and same port.

I reviewed my metadata.xml. It doesn't have any reference to the Web Dispatcher host name, so I question how the Identity Provider is going to successfully complete RelayState mapping.

Any thoughts or words of wisdom?