cantor.2 at osu.edu
Wed Apr 2 17:34:13 EDT 2014
On 4/2/14, 5:14 PM, "Johnson, Jacob (GE, Intelligent Platforms)"
<Jacob.Johnson at ge.com> wrote:
>Ive tried the nested path approach with the web application and it doesn¹t
>seem to work. What we want is to have our site, gesnapshot.com SSO
>protected but certain paths with in the site
>gesnapshot.com/ApcDigitalDashboardService.svc/images not sso protected.
Well, it works, so I don't have a lot to suggest. You can turn up
native.logger and try and debug the mapper and see what it's seeing in the
way of URLs.
> <Path name="index.html" authType="shibboleth"
> <Path name="ApcDigitalDashboardService.svc"
> <Path name="data" requireSession="false"/>
> <Path name="images" requireSession="false"/>
>This results in no SSO authentication required at the root level
>(gesnapshot.com). We want the root protected but the data and images paths
>under ApcDigitalDashboardService.svc open.
Well, you don't have the root configured for that, you only have the file
at /index.html and then the content inside /ApcDigitalDashboardService.svc
protected, excluding those two exceptions.
Aside from that, I can't say, other than that this works fine, and when it
doesn't, there's a deployer mistake somewhere. Usually the mistake is
creating Path siblings that overlap, but you're not embedding any slashes
here in your pathnames as a shortcut, so that rules that out.
More information about the users