HCL Notes and Domino 9.0 Social Edition Forum - SAML question - IDP not recognising host if port is SECURE

This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Share ▼
Subscribe ▼

~Laura Deskiskioden

Feb 27, 2014, 5:32 PM

11 Posts

SAML question - IDP not recognising host if port is SECURE

Category: Administration
Platform: Windows
Release: 9.0.1
Role: Administrator,Developer
Tags: SAML
Replies: 1

I have SAML configured on Domino and it does the correct redirect to the external identify provider host, ONLY when I try to access a protected resource on my server with HTTP:// If I try via SSL with HTTPS:// the Domino IDP doesn't 'grab' the request and do the redirect. It's like it doesn't match it to any of the records in the IDP catalog! SSL is definitely working correctly as the normal login page is shown when HTTPS is used.

URL 1 works. The browser is redirected to the external identity provider for login. URL 2 brings up the regular session authentication form on DOMINO.

URL 1: HTTP://rlsso.myserver.com/names.nsf?Login

URL 2: HTTPS://rlsso.myserver.com/names.nsf?Login

~Tony Zekfootexikle

Feb 27, 2014, 10:00 PM

9 Posts

possibly a missing ip address

I suggest that you have a careful look at the Internet site configuration. Assuming SSL is properly configured for the Internet site, the Internet site will be listing an ip address. Domino's SSL connection is made at a very low level, dependent upon the site's ip address rather than the site's DNS name. Therefore make sure that the site's ip address is in the idpcat.nsf document.

best regards,
Jane Marcus, IBM

Share ▼
Subscribe ▼