cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Multiple Application path for same Relay state parameter in SAP SAML 2.0 SSO

former_member184548
Participant

on ‎11-14-2013 9:31 AM

0 Kudos

Hello Experts

We have configured  SSO between non sap portal & sap portal 7.3 with SAML 2.0. Our SAP portal is acting as service provider. We have maintained the relay state paramter as shown in below for irj/portal

Our SSO is working fine for irj/portal

We also have sourcing 9.0 deployed on top of our portal system whose URL will be like https://<dns>/demosourcing/fsbuyer/portal/login. In this case the context is getting changed. How we can maintain multiple application path for same relay state parameter?

Thanks

Atul

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎11-14-2013 10:29 AM
0 Kudos

Hi,

  •   Start the SAML 2.0 configuration application (transaction SAML2).
  •   On the Local Provider tab, choose the Service Provider Settings tab.
  •   Choose the Edit pushbutton.
  •   Under RelayState Mapping, choose the Add pushbutton.
  •   Enter the application alias you agreed upon with the administrator of the identity provider and the relative path to the target application.

Application Path and RelayState Alias

RelayState : private

Application Path:

/example/private

Note:

The service provider supports adding URL parameters to the relay state alias. The service provider strips the URL parameters from the relay state alias and appends it to the matching application path, even if the application path already includes URL parameters. Using the example above, the service provider receives a relay state, private?test=true. The service provider redirects the client to /example/private?test=true.

  •   Save your entries.

BR,

Prabhakar

Show replies
Show replies
former_member184548
Participant
‎11-14-2013 12:43 PM
0 Kudos

Hi Prabhakar

How we can maintain multiple application path for same relay state parameter? It is not allowing to maintain different application context to same Relay state?

former_member184548
Participant
‎11-14-2013 12:53 PM
0 Kudos
Relay StateApplication contextRemark
https://abc.com/irj/portalCurrently maintained
https://abc.com/abcsourcing/fsbuyer/portal/loginNeed to maintain. Not allowing to maintain for same relay state.

Looking for how to maintain multiple application context for same relay state.

Thanks

Atul

Former Member
‎11-14-2013 1:20 PM
0 Kudos

Pls checck ...http://scn.sap.com/message/13970601

Former Member
‎11-20-2013 11:40 AM
0 Kudos

Hi Prabhakar,

SAP OSS team, came back with the following suggestion. Need help in developing a portal application and make portal application as below.

Thank you for the clarification. I inspected the attachment and I
confirm again that this mapping is not possible. You cannot have one
relay state mapped to more than one application path. And an additional
remark - it is not good that you give URL-s for the relay state, just
pick a plain descriptive string like 'portal' or 'abcsoursing' for
instance.
The idea of using the URL parameters is that on the SP side you create
an application with path, for instance '/redirect/app'
Then you define a relay state, say 'redirect_app' with value the above
application path. Then on the IdP side you have to configure the
links to be for that relay state and with specific URL parameters, for
instance:
http://<sp.host>:<sp.port>/redirect_app?target=app1
http://<sp.host>:<sp.port>/redirect_app?target=app2
http://<sp.host>:<sp.port>/redirect_app?target=app3

When received at the SP side they will be converted by the SP to these
URL-s:
http://<sp.host>:<sp.port>/redirect/app?target=app1
http://<sp.host>:<sp.port>/redirect/app?target=app2
http://<sp.host>:<sp.port>/redirect/app?target=app3

and the browser will be redirected to the redirect application with the
current target URL parameter. Then the redirect application will just
redirect to the application denoted in the target parameter, say:
http://<sp.host>:<sp.port>/app1

Regards

Ponnusamy

Ask a Question