Hello IBM Folks,
we defined a relying party interceptor with a interceptedPathFilter starting at the context root of our application („ourApplication") and an authorizeEndpointUrl with an endpoint in our application, which is deployed on the same WebSphere. This works so far.
Now we have the situation (at customer site), that the WebSphere (and so the application) should be reachable via a Web Application Firewall (WAF) as well as without the WAF routing. This means that, we have to support URIs with different authority parts:
1.
https://with-waf/ourApplication2.
https://without-waf/ourApplicationSo, the idea was to define two providers in the RP with two different values for the authorizeEndpointUrl and the interceptedPathFilter parameters like this:
- provider_1.authorizeEndpointUrl=https://with-waf/ourApplication/authorize
- provider_1. interceptedPathFilter =https://with-waf/ourApplication.*
- provider_2.authorizeEndpointUrl=https://without-waf/ourApplication/authorize
- provider_2. interceptedPathFilter =https://without-waf/ourApplication.*
But this doesn't work, because it seems, that the interceptedPathFilter cannot be defined with the schema and the authority part. At least the redirect to the authorize endpoint doesn't work when I do this.
Is there another solution for this problem?
Kind regards
Thomas
------------------------------
Thomas Mayr
------------------------------