0 Replies Latest reply on Aug 30, 2013 7:26 AM by John Ament

    SAML authentication - does this call stack look right?

    John Ament Master

      Hi,

       

      I'm trying to now run my application behind Apache HTTPd, using proxy forwarding from the HTTP server.  What I set up was a locally running HTTP server on my machine, listening on port 8087.  My JBoss AS7 instance is on 8082.  When I access via 8087 it's fine, I'm able to visit the SP, it fowards me to the IDP, both are working correctly on 8087.  When I login to my IDP, I see the following HTTP requests made:

       

      127.0.0.1 - - [30/Aug/2013:07:16:43 -0400] "POST /idp/rest/loginHandler/doLogin HTTP/1.1" 200 3324

      127.0.0.1 - - [30/Aug/2013:07:16:59 -0400] "POST /sp/ HTTP/1.1" 200 1040

      127.0.0.1 - - [30/Aug/2013:07:16:59 -0400] "POST /idp/ HTTP/1.1" 404 3324

      127.0.0.1 - - [30/Aug/2013:07:16:59 -0400] "POST /sp/ HTTP/1.1" 302 -

       

      In that last call, the 302 is redirecting me from 8087 to 8082.  But the question is, should I even be seeing all of these calls?  I would expect only the first two, to authenticate me in to the application.  Is there something I need to configure to tell JBoss/PicketLink that 8087 is also OK?

       

      I'm able to go back and visit 8087 and it is correctly logged in.

       

      Thanks!