Johnson, Jacob (GE, Intelligent Platforms)
Jacob.Johnson at ge.com
Wed Apr 2 17:14:55 EDT 2014
Ive tried the nested path approach with the web application and it doesn¹t
seem to work. What we want is to have our site, gesnapshot.com SSO
protected but certain paths with in the site
gesnapshot.com/ApcDigitalDashboardService.svc/images not sso protected.
I¹ve tried putting requireSession=²true² in the host tag with the above
mentioned paths set to ³false². Here is what I have now.
This results in no SSO authentication required at the root level
(gesnapshot.com). We want the root protected but the data and images paths
under ApcDigitalDashboardService.svc open.
On 4/1/14 2:37 PM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:
>On 4/1/14, 2:01 PM, "Johnson, Jacob (GE, Intelligent Platforms)"
><Jacob.Johnson at ge.com> wrote:
>>I want to exclude a single file in my application from being protected by
>>SSO. My ideas is to use <PathRegex> in shibboleth.xml to do this.
>Unless you can't just use nested Path elements, I would avoid that. Using
>a regex just introduces a lot of complexity you can usually avoid. I guess
>the problem would be if the single file isn't just one file, but a whole
>set of filenames that can live in many directories.
>>This results in nothing being SSO protected:
>I can tell you for sure that using a lot of advanced syntax is a
>non-starter. The regexp dialect supported is undocumented by Xerces, but
>not anything close to what Java, Perl, etc. would handle.
>So in your specific case, I doubt you'd be successful doing this with a
>regex, which is probably more important to your goal.
>To unsubscribe from this list send an email to
>users-unsubscribe at shibboleth.net
More information about the users