I have an SP-initiated SAML 2.0 + Spring Boot application working behind a load balancer. The load balancer endpoint (http://myserver.biz) is configured as the entityBaseURL for the application as
metadataGenerator.setEntityBaseURL("http://myserver.biz");
We have now added a reverse proxy in front of the LB, which customers will be connecting to over the internet. The proxy endpoint is https://myserverproxy.com. Now I have configured the entity base URL to something like
metadataGenerator.setEntityBaseURL("https://myserverproxy.com");
The trouble is that internal customers will be using the application URL http://myserver.biz, while external customers coming over the internet will use https://myserverproxy.com.
I am unable to configure two entityBaseURLs for the application; the SAML MetadataGenerator class supports only one entity base URL at a time.
public class MetadataGenerator {
    private String id;
    private String entityId;
    private String entityBaseURL;
    ...
}
How can this be achieved? Any solution on this?
@Bean
public MetadataGenerator metadataGenerator() {
    MetadataGenerator metadataGenerator = new MetadataGenerator();
    metadataGenerator.setEntityId(entityId);
    metadataGenerator.setExtendedMetadata(extendedMetadata());
    metadataGenerator.setIncludeDiscoveryExtension(false);
    metadataGenerator.setKeyManager(keyManager());
    metadataGenerator.setEntityBaseURL(entityBaseUrl);
    return metadataGenerator;
}
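A worked illustration of the mechanism behind the problem, added here as an example; it is not code from the question or from Spring Security SAML. The entity base URL decides which AssertionConsumerService Location the SP publishes in its metadata, and an SP accepts a SAML Response only when the Destination it carries matches one of those published endpoints, so a response returned through the proxy hostname fails against metadata built from the internal hostname. The example generalizes to what the SAML 2.0 metadata schema allows, namely several indexed AssertionConsumerService elements under one entityID, which is more than a single entityBaseURL on MetadataGenerator produces. Assumptions: the /saml/SSO endpoint path (Spring SAML's default), the entityID urn:example:sp, and the two hostnames from the question.

```python
from __future__ import annotations

from urllib.parse import urlparse
import xml.etree.ElementTree as ET

NS_MD = "urn:oasis:names:tc:SAML:2.0:metadata"
HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
# Assumption: the ACS path follows Spring Security SAML's default filter mapping.
ACS_PATH = "/saml/SSO"


def acs_url(base_url: str) -> str:
    """Derive the AssertionConsumerService URL from an entity base URL."""
    return base_url.rstrip("/") + ACS_PATH


def build_sp_metadata(entity_id: str, base_urls: list[str]) -> str:
    """Emit minimal SP metadata with one HTTP-POST AssertionConsumerService
    per base URL. The SAML 2.0 metadata schema permits several indexed ACS
    elements under one entityID; the first one is flagged as the default."""
    ET.register_namespace("md", NS_MD)
    root = ET.Element(f"{{{NS_MD}}}EntityDescriptor", {"entityID": entity_id})
    sp = ET.SubElement(
        root,
        f"{{{NS_MD}}}SPSSODescriptor",
        {"protocolSupportEnumeration": "urn:oasis:names:tc:SAML:2.0:protocol"},
    )
    for index, base in enumerate(base_urls):
        attrs = {"Binding": HTTP_POST, "Location": acs_url(base), "index": str(index)}
        if index == 0:
            attrs["isDefault"] = "true"
        ET.SubElement(sp, f"{{{NS_MD}}}AssertionConsumerService", attrs)
    return ET.tostring(root, encoding="unicode")


def published_acs_locations(metadata_xml: str) -> list[str]:
    """Read back every ACS Location the SP advertises."""
    root = ET.fromstring(metadata_xml)
    return [e.get("Location") for e in root.iter(f"{{{NS_MD}}}AssertionConsumerService")]


def _normalize(url: str) -> tuple[str, str, int | None, str]:
    """Compare scheme, host and port case-insensitively, filling in default ports."""
    p = urlparse(url)
    default_port = {"http": 80, "https": 443}.get(p.scheme.lower())
    return (p.scheme.lower(), (p.hostname or "").lower(), p.port or default_port, p.path or "/")


def destination_accepted(destination: str, metadata_xml: str) -> bool:
    """Mimic the SP-side check: the Destination on an inbound Response must
    match one of the ACS endpoints the SP itself publishes."""
    wanted = _normalize(destination)
    return any(_normalize(loc) == wanted for loc in published_acs_locations(metadata_xml))


if __name__ == "__main__":
    # Constructed scenario: metadata built from the internal base URL only.
    internal_only = build_sp_metadata("urn:example:sp", ["http://myserver.biz"])
    print(published_acs_locations(internal_only))
    # A response that came back through the proxy hostname is rejected.
    print(destination_accepted("https://myserverproxy.com/saml/SSO", internal_only))
    # Publishing both endpoints under the same entityID makes either acceptable.
    both = build_sp_metadata("urn:example:sp", ["http://myserver.biz", "https://myserverproxy.com"])
    print(destination_accepted("https://myserverproxy.com/saml/SSO", both))
```

The check is deliberately strict on scheme, host and path: an SP that loosened it to "any host" would accept a response the IdP addressed to a different endpoint, which is exactly the property the Destination attribute exists to protect.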