Custom URL with SSO via SAML module

2
Hi all,

For a project I have the SAML module implemented for Single Sign On via SAML2. We also have a custom URL for our application. Both work perfectly separately.

What I want to achieve is that, when entering the application via Single Sign On, thus via the request handler app.mendixcloud.com/SSO/assertion, all users end up logged in at customurl/index.html instead of app.mendixcloud.com/index.html.

Simply changing app.mendixcloud.com/SSO/assertion into customurl/SSO/assertion on the Identity Provider side doesn't work and gives this message in the error log:

Feb 4 13:20:40 127.0.0.1 tr10000: ERROR - SAML_SSO: (1/57) org.opensaml.common.SAMLException: org.opensaml.xml.validation.ValidationException: Wrong destination. Expected https://app.mendixcloud.com/SSO/assertion, was https://customURL/SSO/assertion

I can't seem to get this working. Anybody any ideas?
asked
4 answers
4

The SAML module is designed to always use the application root URL; in the cloud that is the mendixcloud URL.

I would recommend adding a constant and changing a Java action.

The file: javasource\saml20\implementation\common\Constants.java contains a function on line 86:

public static final String getSP_URI() {
    if ( SP_CONSUMER_URI == null ) {
        SP_CONSUMER_URI = Core.getConfiguration().getApplicationRootUrl();

        if ( !SP_CONSUMER_URI.endsWith("/") )
            SP_CONSUMER_URI += "/";
    }

    return SP_CONSUMER_URI;
}

That function provides the URL to all aspects of the SAML module. If you replace the second line in the function and, instead of Core.get app root url, use a constant, it would solve your problems.

Just replace the line

 SP_CONSUMER_URI = Core.getConfiguration().getApplicationRootUrl();

with

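 // getConstantValue returns an Object, so convert it before assigning to the String field
 SP_CONSUMER_URI = Core.getConfiguration().getConstantValue("MyModule.TheConstantContainingMyURL").toString();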
answered
5

I changed the javasource\saml20\implementation\common\Constants.java file according to Jasper's answer like this:

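private static String SP_CONSUMER_URI = null;

private static String CUSTOM_URL = null;

public static final String getSP_URI() {
    if ( SP_CONSUMER_URI == null ) {
        // Read the constant as an Object first, so an unset value cannot cause a NullPointerException
        Object customUrlValue = Core.getConfiguration().getConstantValue("SAML20.CustomURL");
        CUSTOM_URL = customUrlValue == null ? null : customUrlValue.toString();
        if ( CUSTOM_URL == null || CUSTOM_URL.isEmpty()) {
            // No custom URL configured: fall back to the application root URL
            SP_CONSUMER_URI = Core.getConfiguration().getApplicationRootUrl();
        } else {
            SP_CONSUMER_URI = CUSTOM_URL;
        }

        // The rest of the module expects the URI to end with a slash
        if ( !SP_CONSUMER_URI.endsWith("/") )
            SP_CONSUMER_URI += "/";
    }

    return SP_CONSUMER_URI;
}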

and, as you can see, added a SAML20.CustomURL constant. It is working like a charm now!

answered
2

You can pass the URL in the URL with (something like)

http://app.mendixcloud.com/SSO/assertion?cont=app.mendixcloud.com/index.html

or change the constant:

WinSSO.IndexPage

If you know Java, you can read the loginhelper.java file

answered
0

This has changed since 8 years ago. To make this work in the current version of the SAML module, do the following.

 

In file

\javasource\saml20\actions\GetApplicationRootURL.java

change line 27 (right under '// BEGIN USER CODE') to:

return Core.getConfiguration().getConstantValue("Common.CONST_ApplicationUrl").toString();

 

answered
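
A standalone example of the approach discussed in the answers above, added here and not taken from the SAML module or from any poster's code: it reads the override value null-safely, refuses anything that is not an absolute https URL, and models the exact-match comparison behind the "Wrong destination" error. The class and method names, the host `customurl.example` and the simplified comparison are assumptions for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;

public class SpUriResolver {
    // Path of the SAML request handler, as seen in the log line in the question.
    static final String ASSERTION_PATH = "SSO/assertion";

    /** Base URL the SP advertises: the custom URL if one is set and valid, else the app root URL. */
    static String resolveSpUri(Object constantValue, String appRootUrl) {
        String candidate = constantValue == null ? "" : constantValue.toString().trim();
        String base = candidate.isEmpty() ? appRootUrl : requireHttpsBase(candidate);
        return base.endsWith("/") ? base : base + "/";
    }

    /** Rejects override values that would make the advertised endpoint ambiguous or non-TLS. */
    static String requireHttpsBase(String url) {
        URI uri;
        try {
            uri = new URI(url);
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("Custom URL is not a valid URI: " + url, e);
        }
        if (!"https".equalsIgnoreCase(uri.getScheme()) || uri.getHost() == null)
            throw new IllegalArgumentException("Custom URL must be an absolute https URL: " + url);
        if (uri.getUserInfo() != null || uri.getQuery() != null || uri.getFragment() != null)
            throw new IllegalArgumentException("Custom URL must not carry user info, query or fragment: " + url);
        return url;
    }

    /** Simplified model (assumption) of the destination check: Destination must equal the SP endpoint. */
    static boolean destinationMatches(String destination, String spUri) {
        return (spUri + ASSERTION_PATH).equals(destination);
    }

    public static void main(String[] args) {
        String root = "https://app.mendixcloud.com/";   // application root URL from the question
        String custom = "https://customurl.example";    // constructed stand-in for the custom URL
        String idpDestination = "https://customurl.example/SSO/assertion";

        // Without the constant the SP expects the mendixcloud endpoint, so the IdP's destination is refused.
        System.out.println("no override:    " + destinationMatches(idpDestination, resolveSpUri(null, root)));
        // With the constant set, the SP and the IdP agree on the endpoint.
        System.out.println("https override: " + destinationMatches(idpDestination, resolveSpUri(custom, root)));
        try {
            resolveSpUri("http://customurl.example", root); // plain-http override is refused outright
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The destination check stays an exact string match in every case; only the value it is compared against moves from the application root URL to the validated constant.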