Hello users,
We are looking at integrating CA Performance Management with Microsoft AD FS with the Web Application Proxy on the front-end. To give our customers acces to the portal of PM.
The problem is that the Portal has its own SSO application where you have to go over with SAML to authenticate which is running on a different port.
But most of our customers won't allow there users to go out to port 8382 where the SSO is living.
And when you try to reverse proxy it, the portal won't allow the request, since it is expecting it on a different port.
So we have now build around it, and set the PC front-end on a different port that can be reverse proxy'd, and set the SSO portal on port 443.
This brought us a step closer, but now we face the following.
The AD FS IDP is removing the port from the UserAssertionService since 443 is the default HTTPS port.
But CA PM is still expecting it to be there, so it gives the following error:
ERROR | qtp1309003972-21 | 2020-08-06 14:27:07,172 | common.sso.saml2.UserAssertionService
| Wrong destination. Expected:
https://<url>:443/sso/saml2/UserAssertionService. Received:
https://<url>/sso/saml2/UserAssertionServiceAnd we now still can't login.
Has anybody have any experience with CA PM integrating with SAML and a reverse proxy? And how did you do this?
Kind regards,
Nick