Enabling SAML2.0 For Fiori with 2 different Hostnames

0 Kudos

Hi Geeks,

I got stuck enabling SAML2.0 SSO configuration with 2 different hosts which connect to the same application.

  1. hostname1:port1 (Intranet Hostname)
  2. hostname2:port2 (Internet Hostname)

I'd activated SAML2 with Hostname 1 and worked with the ADFS team to export/import metadata. It's working fine when I use Fiori with Hostname1; after that, my ADFS team added hostname2 in the ADFS relay state configuration as an alias/secondary hostname.

But now when I try to access Fiori with Hostname2, I am facing a relaystate error with hostname1 redirection. In ADFS, Hostname1 is added as default, which we can't edit.

Now my question is: is there any option not to make hostname 1 the default while configuring SAML2, so that we can add multiple hostnames as relaystate endpoint URLs?

I tried searching for SNotes and SAP documents; nowhere is it mentioned for 2 different hosts for the same application.

geferson_hess
Participant
0 Kudos

The important thing is that all messages are exchanged using the same hostname.
The issue in the scenario you described is that the IdP is unable to send the Response to the same host where the AuthN Request was created.

The main question is: is there a way to configure the IdP so it can send the Response to hostname1:port1 when the AuthN Request it receives is from hostname1:port1 and to hostname2:port2 when the AuthN Request was sent from hostname2:port2?

If the IdP can't handle that, then the scenario is not possible, afaik.
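The condition in the answer above, shown as an added example (generic SAML 2.0 logic written for this page, not ADFS or SAP code): an IdP can return the Response to the requesting host only when the AuthnRequest names its assertion consumer endpoint and that endpoint is registered in the SP metadata; otherwise it falls back to the default. Hostnames, ports, paths and the entity ID are constructed placeholders.

```python
import xml.etree.ElementTree as ET  # for untrusted XML, a hardened parser such as defusedxml is preferable

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
H1 = "https://hostname1.example:8443/saml/acs"  # constructed intranet endpoint
H2 = "https://hostname2.example:8444/saml/acs"  # constructed internet endpoint

# Constructed SP metadata: one entity, two registered ACS endpoints, hostname1 as default.
SP_METADATA = f"""<md:EntityDescriptor xmlns:md="{MD}" entityID="https://sp.example/fiori">
  <md:SPSSODescriptor protocolSupportEnumeration="{SAMLP}">
    <md:AssertionConsumerService index="0" isDefault="true" Binding="{POST}" Location="{H1}"/>
    <md:AssertionConsumerService index="1" Binding="{POST}" Location="{H2}"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def registered_acs(metadata_xml):
    """Return ({index: Location}, default Location) from SP metadata."""
    root = ET.fromstring(metadata_xml)
    by_index, default = {}, None
    for acs in root.iter(f"{{{MD}}}AssertionConsumerService"):
        by_index[acs.get("index")] = acs.get("Location")
        if acs.get("isDefault") in ("true", "1"):
            default = acs.get("Location")
    return by_index, default

def response_destination(authn_request_xml, metadata_xml):
    """Choose where the Response is posted; only registered endpoints are accepted."""
    by_index, default = registered_acs(metadata_xml)
    req = ET.fromstring(authn_request_xml)
    url = req.get("AssertionConsumerServiceURL")
    idx = req.get("AssertionConsumerServiceIndex")
    if url is not None:
        # Never echo an arbitrary URL: the assertion would go to whoever asked.
        if url not in by_index.values():
            raise ValueError(f"ACS URL not registered for this SP: {url}")
        return url
    if idx is not None:
        if idx not in by_index:
            raise ValueError(f"ACS index not registered for this SP: {idx}")
        return by_index[idx]
    return default  # request names no endpoint: everything goes to the default host

def authn_request(acs_url=None):
    """Build a constructed AuthnRequest, optionally naming its ACS URL."""
    attr = f' AssertionConsumerServiceURL="{acs_url}"' if acs_url else ""
    return f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" ID="_1" Version="2.0"{attr}/>'
```

A request that names no endpoint is answered at the default host, which matches the hostname1 redirection described in the question.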

0 Kudos

Hi Hess,

The IdP team has maintained this kind of scenario for non-SAP applications, where Customer Assertion end points are not defaulted to 1 particular hostname.

But for the SAP application it is defaulted to 1 hostname. Can we remove that?