[OPENAM-8490] ssoadm create-metadata-templ should be able to populate service URLs using the site address Created: 04/Mar/16  Updated: 11/May/17

Status: Open
Project: OpenAM
Component/s: CLI, SAML
Affects Version/s: 11.0.3, 12.0.2
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Andrew Dunn [X] (Inactive) Assignee: Unassigned
Resolution: Unresolved Votes: 1
Labels: AME
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Target Version/s:
Rank: 1|hzr3mv:
Support Ticket IDs:

 Description   

When creating a metadata template, the xml will contain some service endpoints. For example:

 <ArtifactResolutionService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="http://server1.example.com:8080/openam/ArtifactResolver/metaAlias/realm/idp"
            index="0"
            isDefault="1"/>

For deployments behind an LB, it's preferred to have:

 <ArtifactResolutionService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="https://site.example.com:443/openam/ArtifactResolver/metaAlias/realm/idp"
            index="0"
            isDefault="1"/>

If an entity is created in the console when logged in via the site URL, the location fields in the entity will use the site URL. If created when logged in directly to a server, the location will map to the server URL.

If an entity is created through use of ssoadm create-metadata-templ, there is no way to request the site URL be used.

Steps to reproduce:

1. Install OpenAM behind an LB and setup ssoadm.
2. Run create-metadata-templ.

ssoadm create-metadata-templ -u amadmin -f /home/fr/pw.txt -y https://ha.example.com:443/openam -x x.xml -m m.xml -i /realm/idp -b test

3. Observer values in Location parameters for service endpoints are always mapped to the server ssoadm is run from.

There should be a way to populate these endpoints with the site URL.


Generated at Sun May 09 08:16:44 UTC 2021 using Jira 8.16.0#816000-sha1:a455b91378454416b49bbc88d03e653cb9815ed5.