Background
I'm trying to get a multi-tenant application working with Spring Security SAML so that it can authenticate against multiple Identity Providers. I'm trying to use different subdomains to resolve the IdP, so the user doesn't have to select it manually. My app is based on this sample project. I have multiple domains mapped to my server, for example:

  • auth.mycompany.com
  • customer1.mycompany.com
  • customer2.mycompany.com

Problem
The problem I'm having is that when I navigate to customer1.mycompany.com it properly resolves to the root path on my app, which requires authentication, but I'm redirected to auth.mycompany.com/saml/discovery?entityID=...&returnIDParam=idp, which takes me to the right controller, but I'm losing the subdomain information from the request, which I need to resolve which IdP to use.

How do I preserve the alternate subdomain across the Spring Security SAML Redirect?

More Details
This is happening on localhost where I've defined hosts in my /etc/hosts file and regardless of which hostname I use, it ends up redirected to

127.0.0.1       localhost wozniak
127.0.0.1       WOZNIAK.local
127.0.0.1       customer.wozniak.local
127.0.0.1       ssocircle.wozniak.local

It's also happening on AWS Elastic Beanstalk where I've defined multiple A records as Aliases to the same Elastic Beanstalk environment.

I'm also open to other suggestions if I'm just doing multi-tenant SAML all wrong.

Thanks in advance for your help.

SGT Grumpy Pants

0 Answers