web.xml now supports a number of
context-param[s] which allow you to control the value of the AssertionConsumerService URLs used by
Typical examples of situations where you might wish to use this is where you are using a load balancer to receive the request, or the service is behind some form of proxy. This would result in problems with requests being re-written to the web server (rather than the load balancer) unless you set context parameters shown below. There is an example at the end of the page.
Use canonical hostname
Description: When set to true the ServerModule will attempt to obtain the canonical hostname via DNS. When set to false the hostname will be obtained from the HOST header value contained in the client request.
(Will be overridden by
OA_OVERRIDE_HOSTNAME if set)
Value: text, e.g:
Description: When specified this value will be used as the hostname.
Description: When specified this value will be used as the schema.
(The default port for the given schema will be applied unless the
OA_OVERRIDE_PORT has been specified)
Value: An integer between 1 and 65535
Description: When specified this value will be used as the port.
Example use case
These directives are useful when Service Providers wish to run atacama-java behind a load balancer or proxy.
- The user makes a request to
- This request is handled by the load balancer which passes the request to one of the back end servers. This will normally result in the request being rewritten to the web server (e.g. ). The change of host, port and schema will cause the response obtained from the users identity provider to be discarded.
This can be fixed by adding the following to the web.xml:
We don't need to override the port in this case because the default https port (443) will be assumed based on the schema override.