Thanks Darshana. Currently we don't sign the request which is generated from the gateway. We could improve it configurable and give user option to sign or not. But I'm not sure whether we can use this as a permanent solution because, then user is always restricted to sign the request if he want to expose both http/https gateway urls. Will this be a hard improvement if we doing it from identity side ? What we need is capability to configure multiple ACS urls in the SP. When the request comes, validate ACS in the request is a one defined in SP, if so send saml response to the matching ACS.
Regards, Dinusha. On Thu, Dec 11, 2014 at 4:32 PM, Darshana Gunawardana <[email protected]> wrote: > > AFAIK, we don't support registering multiple ACS urls.. But IdP honour to > the ACS in the authentication request, if the request is signed. > > On Thu, Dec 11, 2014 at 12:51 PM, Dinusha Senanayaka <[email protected]> > wrote: > >> Hi, >> >> Requirement is, in App Manager, synapse gateway act as the assertion >> consumer URL. It's possible to expose gateway url from http and https at >> the same time which will give two access urls. So when we registering SP >> for this app, we need to associate both http and https urls as assertion >> consumer urls. >> >> Regards, >> Dinusha. >> >> -- >> Dinusha Dilrukshi >> Senior Software Engineer >> WSO2 Inc.: http://wso2.com/ >> Mobile: +94725255071 >> Blog: http://dinushasblog.blogspot.com/ >> > > > > -- > Regards, > > > *Darshana Gunawardana*Software Engineer > WSO2 Inc.; http://wso2.com > > *E-mail: [email protected] <[email protected]>* > *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware > -- Dinusha Dilrukshi Senior Software Engineer WSO2 Inc.: http://wso2.com/ Mobile: +94725255071 Blog: http://dinushasblog.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
