My organization recently purchased a ME ServiceDeskPlus on-premise license and I had the task of setting it up. Since we're running multiple ManageEngine services on the same server, I utilized IIS Reverse Proxy URL Rewrites to redirect incoming HTTPS traffic over 443 to the default ports of our various services. In this case:
That all functions perfectly fine; however, things seem to get weird when I try to configure Single Sign-On to our local ADFS server. I set up everything pertaining to IDP login and logout URLs and added the relying party trust, etc. But when I click the "Log in with SAML Single Sign On" link on the login page to ServiceDesk, the application is routing the request to the wrong URL.
I even tried configuring an additional URL redirect rule to take that specific URI and redirect it to sts.company.com as proper. When I do that, the SAML2 authentication actually succeeds on the ADFS side, but when it directs me back to ServiceDesk, I receive an error stating SAML authentication failed with error code 42.
Looking through the documentation, this appears because the SAML reply URL was different from the URL the application thinks it sent the request to.
Any thoughts on how I can get the application to co-operate?
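
A diagnostic sketch for the mismatch described above, added here as an example and not part of the original post or of ManageEngine's code: it decodes the `SAMLRequest` parameter from the redirect the browser is sent to (HTTP-Redirect binding) and reports where the request was sent, its `Destination`, and whether its `AssertionConsumerServiceURL` sits under the public proxied URL. Only `sts.company.com` comes from the post; `helpdesk.company.com`, `servername:8080`, the `/saml/acs` path and the sample request are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs, urlencode

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

def decode_authn_request(redirect_url):
    """Decode the SAMLRequest query parameter (HTTP-Redirect binding)."""
    query = parse_qs(urlsplit(redirect_url).query)
    if "SAMLRequest" not in query:
        raise ValueError("no SAMLRequest parameter in URL")
    raw = base64.b64decode(query["SAMLRequest"][0])
    root = ET.fromstring(zlib.decompress(raw, -15))  # -15 = raw DEFLATE
    if root.tag != "{%s}AuthnRequest" % SAMLP:
        raise ValueError("not a SAML 2.0 AuthnRequest")
    return root

def check_request(redirect_url, public_base, idp_host):
    """Return a list of mismatches between the request and the proxied setup."""
    root = decode_authn_request(redirect_url)
    findings = []
    sent_to = urlsplit(redirect_url).hostname
    if sent_to != idp_host:
        findings.append("request sent to %s, expected IdP %s" % (sent_to, idp_host))
    dest = root.get("Destination")
    if dest and urlsplit(dest).hostname != idp_host:
        findings.append("Destination %s is not on %s" % (dest, idp_host))
    acs = root.get("AssertionConsumerServiceURL", "")
    pub, got = urlsplit(public_base), urlsplit(acs)
    if (got.scheme, got.netloc) != (pub.scheme, pub.netloc):
        findings.append("ACS URL %r is not under public URL %s" % (acs, public_base))
    return findings

def build_sample(idp_url, acs_url):
    """Constructed AuthnRequest for the demo; a real one comes from the browser."""
    xml = ('<samlp:AuthnRequest xmlns:samlp="%s" ID="_constructed" Version="2.0" '
           'Destination="%s" AssertionConsumerServiceURL="%s"/>'
           % (SAMLP, idp_url, acs_url))
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    data = comp.compress(xml.encode()) + comp.flush()
    return idp_url + "?" + urlencode({"SAMLRequest": base64.b64encode(data).decode()})

if __name__ == "__main__":
    # Hypothetical hosts: helpdesk.company.com (public), servername:8080 (backend).
    url = build_sample("https://sts.company.com/adfs/ls/",
                       "http://servername:8080/saml/acs")
    for line in check_request(url, "https://helpdesk.company.com", "sts.company.com"):
        print(line)
```

To use it on a real login attempt, copy the full redirect URL from the browser's network tab after clicking the SAML login link and pass it as `redirect_url`.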