Client has configured Tomcat with SAML authentication in Azure on port 8443 and IIS is not configured with SAML. With IIS when they connect externally the Upload-Servlet and Export are not working. Internally 2FA is happening and it is working with both IIS and Tomcat.

The ideal way to achieve this with SDM is to set up two application servers, one for each URL(External and Internal). It's ver hard to achieve this functionality with a single instance of SDM, because

1. We have to check for origin URLs and match them with internal configuration values which becomes convoluted quickly and the code changes don't achieve the desired functionality even with all the changes.

2. After performing export, we ask the Servlet to return to a particular URL for the export and we don't want the user redirecting to a different URL from the origin URL and proper checks are put in place to prevent this redirection security issues. To implement this functionality in a single server, we have to remove these redirection checks which will compromise the user's security and we want to avoid this.

The multiple application server setup is ideal for the current functionality and it becomes easier to manage by keeping the state of the application between these two URLs independent.