When using SAML artifact binding the SAML SP (service provider) sends an artifact resolution request to the SAML IdP (identity provider). This article explains how to use an HTTP proxy for this request (Airlock IAM as SAML SP).
Procedure-related prerequisites
- Airlock IAM is used as SAML SP (service provider).
- SSO with HTTP artifact binding is configured.
Instruction
- Open the
instance.propertiesin the instance folder (e.g.instances/auth/) for editing. - Edit the line
iam.java.optsto contain - Optional: To exclude hosts (i.e. localhost) from the proxy path, add the following to
iam.java.opts: - The proxy is now configured and enabled for SAML.
copy
-Dhttps.proxyHost=proxy.host -Dhttps.proxyPort=8080 -Dhttps.proxySet=true
Note: Change the proxy host and port number according to your proxy setup requirements.
copy
-Dhttp.nonProxyHosts="localhost|host.example.com"
Further information and links
- For information about
instance.propertiesandiam.java.opts, see: Application parameters