Forum Discussion
jnowlin_44976
Nimbostratus
NimbostratusSAML IDP-initiated without webtop
so i have 1 SP initiated SAML setup and working.
i have another request to setup an IDP initiated SAML connection. i have get it to work successfully following the guide but after signing into the F...
jnowlin_44976Nimbostratus
Nimbostratusso my working irule looks like this:
when ACCESS_POLICY_COMPLETED {
if { [ACCESS::session data get session.server.landinguri] starts_with "/saml/idp/profile/redirectorpost/sso" } {
log local0. "SP initiated SAML detected, not sending redirect"
}
if { [ACCESS::session data get session.server.landinguri] starts_with "/SAMLURL" } {
log local0. [ACCESS::session data get session.assigned.resources.saml]
ACCESS::respond 302 Location "https://sso.example.com/saml/idp/res?id=/Common/SAML_Resource"
log local0. "IDP initiated SAML detected, sending redirect"
} else {
log local0. "Nothing Matched land on portal"
}}
looks like yours handle the 302 redirect but not the SP-initiated. do i need to add those lines to both httprequest and accesspolicy completed sections?