To avoid this in the above use case, the ‘Error on DNS mismatch’ flag was disabled, enabling users with different Host HTTP headers resolving to this proxy service to be handled without error. Making these changes however always triggers the 403 error on browser eg.
– create an RP with valid name eg. www.novell.com
– under web server config, disable the ‘error on DNS mismatch’ flag
– under web server config, select to forward web server hostname
– modify /etc/hosts so that www2.novell.com resolves to IP address of above RP
– access the www2.novell.com hostname and confirm you see 403 mismatch error