Mix Basic Auth and Shibboleth Auth
Cantor, Scott
cantor.2 at osu.edu
Tue Feb 20 09:24:57 EST 2018
> But none works, the redirect to SP Login is triggered unconditionally.
> The list mentions using the ShibCompatValidUser flag, is this correct
> that my versions of Apache and SP would not use this flag? At least I
> cannot see a difference.
It's only used on 2.4, so it's literally exactly that version.
You would have to use lazy sessions, I would imagine. Authentication is not authorization, they're different Apache functions. You can't mix and match different authentication types at the same time.
> When I used an IP address restriction instead of Basic Auth, the setup
> works as intended, but that would only be the second best choice.
Because IP is authorization, I imagine.
-- Scott
More information about the users
mailing list