Forum Discussion
iRule - Access to External IdP connectors
Hi Michael,
I have a virtual server, https://app.acme.com that stakeholders use to access our application. I have a virtual server, https://login.acme.com that is set up as a Service Provider and has an access policy that uses SAML auth for authentication.
If a user wants to log in to the default page of the application, they would click a shortcut that links to https://app.acme.com/abc. When they hit app.acme.com they are seen to be unauthenticated and are redirected to login.acme.com/abc. abc is an acronym that we use to do the IdP matching.
Once the user is authenticated they are redirected back to https://app.acme.com and can access the application.
This all works fine if users access the application through default shortcuts, but if someone were to be sent a link to https://app.acme.com/reports then we need some way to identify which stakeholder they are. What I was thinking of doing was to take the start of the HTTP::uri and compare that to the list of IdP external connector matching values we have configured. If there is a match then proceed with the AP as expected. If there isn't a match, then redirect the user to a form where they can select their agency from a drop-down list.
To make things more friendly, once they have selected who they are I will store that in a session cookie to limit the number of times they see the form.
Is there a more obvious way I could do this that I have missed? Appreciate any thoughts/insights.
Cheers, Simon
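
A sketch of the matching logic described in the post, as an added example that is not part of Simon's post or any F5-supplied code. The data group `idp_match_values`, the form path `/select-agency` and the cookie name `agency` are hypothetical, and the rule is assumed to run only for requests already identified as unauthenticated. It treats both the URI prefix and the cookie as untrusted input and accepts either only when it appears in the data group.

```tcl
# Assumed (hypothetical) names, not taken from the post:
#   idp_match_values : string data group, one record per IdP matching value ("abc", ...)
#   /select-agency   : path of the agency selection form
#   agency           : session cookie written by the form after a selection
when HTTP_REQUEST {
    # First path segment, lower-cased: "/abc/reports" -> "abc", "/" -> ""
    set first [string tolower [getfield [HTTP::path] "/" 2]]

    # The form itself must stay reachable, otherwise the redirect below loops
    if { $first eq "select-agency" } {
        return
    }

    # Case 1: the URI starts with a configured matching value,
    # so the access policy can proceed as it does today
    if { $first ne "" && [class match $first equals idp_match_values] } {
        return
    }

    # Case 2: an earlier selection is stored in the session cookie.
    # The browser controls this value, so it is used only if it is
    # one of the configured matching values.
    if { [HTTP::cookie exists "agency"] } {
        set choice [string tolower [HTTP::cookie value "agency"]]
        if { [class match $choice equals idp_match_values] } {
            HTTP::respond 302 Location "https://login.acme.com/${choice}"
            return
        }
    }

    # Case 3: no usable hint, send the user to the selection form
    HTTP::respond 302 Location "/select-agency"
}
```

The form handler should apply the same data group check to the submitted value before writing the cookie, and the cookie should be set with the Secure and HttpOnly attributes.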