Hi Richard,
Please check whether this approach would work for you or not:
You can have folders and JSPs under the affwebservices application without making any changes to Tomcat's base config files; however, you may need to bounce the SPS service once.
Create a custom JSP file called "ssoredirect.jsp" and have the logic to filter/identify the company name and then post the SAML request to the OOTB SAML IDP URL.
Configuration may look like below:
Step 1:
Location of custom JSP file: /opt/CA/secure-proxy/Tomcat/webapps/affwebservices/ssoredirect.jsp
Step 2:
Change the IDP metadata binding location to the URL below (the SP has to post the SAML request to this URL instead of the OOTB URL); this URL will also act as an IDP-initiated URL:
https://login.example.com/affwebservices/ssoredirect.jsp?SPID=sp.app1
Step 3:
Have logic and perform string operations as per your requirement on the ssoredirect.jsp page.
Step 4:
On the same custom page, construct the URL as below and redirect.
https://login.example.com/affwebservices/public/saml2sso?SPID=sp.app1
Note:
- You can have as many folders/subfolders and files under /affwebservices as per your requirement.
Also, you may need to take care of:
- url encode/decode
- relay state value...etc.
Regards
Ashok
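
The steps in the reply above, sketched as a JSP (an added example, not part of the original post and not CA code). It assumes the HTTP-Redirect binding or an IdP-initiated link arriving as a GET with unsigned requests; the SPID allowlist values are constructed samples, and the company-name logic from Step 3 is site-specific and only marked by a comment.

```jsp
<%@ page import="java.net.URLEncoder,java.util.Arrays,java.util.HashSet,java.util.Set" %>
<%!
    // Assumption: SP IDs this page may route to (constructed sample values).
    private static final Set<String> ALLOWED_SPIDS =
            new HashSet<String>(Arrays.asList("sp.app1", "sp.app2"));

    // Fixed OOTB endpoint from the post; the host and path are never taken from request input,
    // so the page cannot be turned into an open redirector.
    private static final String SSO_URL =
            "https://login.example.com/affwebservices/public/saml2sso";

    // Append one URL-encoded query parameter, skipping absent or empty values.
    private static void addParam(StringBuilder url, String name, String value)
            throws java.io.UnsupportedEncodingException {
        if (value == null || value.isEmpty()) return;
        url.append(url.indexOf("?") < 0 ? '?' : '&')
           .append(name).append('=').append(URLEncoder.encode(value, "UTF-8"));
    }
%>
<%
    // A POST-binding SAMLRequest is encoded differently and cannot be replayed
    // in a query string, so anything other than GET is refused here.
    if (!"GET".equals(request.getMethod())) {
        response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
        return;
    }

    // getParameter() has already URL-decoded the value once.
    String spid = request.getParameter("SPID");
    if (spid == null || !ALLOWED_SPIDS.contains(spid)) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Unknown SPID");
        return;
    }

    // Step 3: site-specific company-name logic would select or adjust 'spid' here,
    // and the result should be checked against ALLOWED_SPIDS again.

    // Step 4: rebuild the query, encoding each value exactly once on the way out.
    StringBuilder target = new StringBuilder(SSO_URL);
    addParam(target, "SPID", spid);
    addParam(target, "SAMLRequest", request.getParameter("SAMLRequest"));
    addParam(target, "RelayState", request.getParameter("RelayState"));
    response.sendRedirect(target.toString());
%>
```

Signed Redirect-binding requests need the original query string passed through untouched, since re-encoding the values can invalidate the signature.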