Mix Basic Auth and Shibboleth Auth

Cantor, Scott cantor.2 at osu.edu
Tue Feb 20 09:24:57 EST 2018

> But none works, the redirect to SP Login is triggered unconditionally.
> The list mentions using the ShibCompatValidUser flag, is this correct
> that my versions of Apache and SP would not use this flag? At least I
> cannot see a difference.

It's only used on 2.4, so it's literally exactly that version.

You would have to use lazy sessions, I would imagine. Authentication is not authorization, they're different Apache functions. You can't mix and match different authentication types at the same time.

> When I used an IP address restriction instead of Basic Auth, the setup
> works as intended, but that would only be the second best choice.

Because IP is authorization, I imagine.

-- Scott

More information about the users mailing list