Symantec Access Management

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

Can the same CA SPS act as a reverse proxy and Fed Gateway?

  • 1.  Can the same CA SPS act as a reverse proxy and Fed Gateway?

    Posted Jun 14, 2016 06:42 PM

    Hi,

     

    I have a CA SPS. I need it to perform dual functions as both SPS and as a Fed Gateway.

     

    I have proxy rules as such.

     

    <nete:cond criteria="beginswith" type="uri">

          <nete:case value="/Demo/Vendor1">

             <nete:forward>http://host.backend.com:8080$0</nete:forward>

          </nete:case>

     

          <nete:default>

             <nete:forward>http://www.portal.com</nete:forward>

          </nete:default>

       </nete:cond>

     

    If I go to the URL https://spshostname/Demo/Vendor1/Vendor1Home.jsp , the proxy rule fires correctly and everything is kosher.

     

    But, when I try to get to a IDP initiated URL, or the assertion retriever URL to see if my Fed Gateway initialized correctly, I get an error saying backend timed out. So I don't know if I have to add /affwebservices in the proxyrules.xml?

     

    The same agent is protecting redirect.jsp and also /Demo/Vendor1.

     

    Am I missing something?

     

    Regards,

    Anand.



  • 2.  Re: Can the same CA SPS act as a reverse proxy and Fed Gateway?

    Posted Jun 14, 2016 07:24 PM

    nevermind. Stupid typo.