I would like to open an enhancement request to disallow access to the federation web apps on a per Virtual Host basis inside the SPS server.conf.
Currently the server.conf supports the following options.
For example in this use case three virtual hosts are defined. federationgateway, virtualhost2, virtualhost3.
In my case currently I am able to hit the /affwebservices/assertionretriever from all virtual hosts
I would like to see this configurable to allow only a single defined or user defined virtual host e.g. https://federationgateway.example.com/affwebservices/assertionretriever
be able to access the federated apps.
The SPS is being viewed as the access gateway into many customer's environments and in environments where both federated and standard SSO use cases are present this allows end users access to resources that should not be available in each case.