<Location> and .htaccess
Aaron Roots
aaron.roots at deakin.edu.au
Thu Nov 3 04:01:23 GMT 2011
Hi all,
So I have this config as indicated in the wiki:
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig
<Location />
AuthType shibboleth
ShibRequestSetting requireSession 1
Require shibboleth
</Location>
I then try to further restrict the access in a .htaccess file within the
file system
Require user notaaron
However I am still allowed access. Even if I add "ShibRequireAll On" to
the mix - the further requires in the .htaccess file are still ignored.
I'm not actually trying to do this exact setup - in my Location I am
actually trying to restrict to an attribute that identifies Student/Staff
and only allow staff. The further down I am trying to limit to a specific
set of staff identified by username. But it lets all staff access the
further restricted page.
I see on
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPhtaccess that
Location block will take precedence - but I couldn't take this config out
of the Locations as mod_rewrite is also being used within the application.
Which will only set the Environment Variables as expected when using in a
Location block.
I am thinking this is going to be rock and hard place kind of issue
Cheers Aaron
More information about the users
mailing list