Issue with multiple SAML configurations

Issue

When an AEM Publish instance is configured with multiple SAML configurations (a single IdP with multiple AEM domains), only one of the configurations works. When only one SAML configuration is kept and the others are removed, everything works as expected.

Resolution

Use the Assertion Consumer URL to make sure the IdP sends its response to the respective SAML configuration.

Make sure that the "Assertion Consumer URL" property is configured based on the "path" variable in the SAML config.

Example with www.abc.com mapped to /content/abc and www.xyz.com mapped to /content/xyz on the same AEM instance:

  • For the www.abc.com SAML configuration, set the path variable to /content/abc and set the assertion consumer URL in the IdP/SAML configuration to https://www.abc.com/content/abc/saml_login
  • For the www.xyz.com SAML configuration, set the path variable to /content/xyz and set the assertion consumer URL in the IdP/SAML configuration to https://www.xyz.com/content/xyz/saml_login
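
The following check is an added example, not Adobe's code: it verifies that each SAML configuration's assertion consumer URL is its own path plus /saml_login and that no two configurations share a path or URL. The dictionary keys `path` and `assertionConsumerServiceURL` are assumed to be the OSGi property names behind the "path" and "Assertion Consumer URL" settings, and the sample values are constructed from the example above.

```python
from urllib.parse import urlparse

# Constructed sample mirroring the two configurations described above.
# Key names are assumed OSGi property names; "name" is a label for reporting.
HANDLERS = [
    {"name": "abc", "path": "/content/abc",
     "assertionConsumerServiceURL": "https://www.abc.com/content/abc/saml_login"},
    {"name": "xyz", "path": "/content/xyz",
     "assertionConsumerServiceURL": "https://www.xyz.com/content/xyz/saml_login"},
]


def check_handlers(handlers):
    """Return a list of (name, problem) findings; an empty list means consistent."""
    findings = []
    seen_paths, seen_acs = {}, {}
    for h in handlers:
        name = h["name"]
        path = h.get("path", "").rstrip("/")   # "/" becomes "" so "/saml_login" is expected
        acs = h.get("assertionConsumerServiceURL", "")
        if not acs:
            findings.append((name, "no Assertion Consumer URL set"))
            continue
        url = urlparse(acs)
        if url.scheme != "https":
            findings.append((name, "Assertion Consumer URL is not https"))
        expected = path + "/saml_login"
        if url.path != expected:
            findings.append((name, f"ACS path {url.path!r} does not match {expected!r}"))
        # Two configurations sharing a path or a URL cannot be told apart.
        acs_key = (url.netloc.lower(), url.path)
        if acs_key in seen_acs:
            findings.append((name, f"same Assertion Consumer URL as {seen_acs[acs_key]}"))
        seen_acs.setdefault(acs_key, name)
        if path in seen_paths:
            findings.append((name, f"same path as {seen_paths[path]}"))
        seen_paths.setdefault(path, name)
    return findings


if __name__ == "__main__":
    problems = check_handlers(HANDLERS)
    for name, problem in problems:
        print(f"{name}: {problem}")
    print("OK" if not problems else f"{len(problems)} problem(s) found")
```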

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.