shib SP 2.5.3 and apache 2.4 AccesControl require session
Jehan Procaccia
jehan.procaccia at tem-tsp.eu
Fri Jan 26 13:23:07 EST 2018
Le 26/01/2018 à 18:21, Cantor, Scott a écrit :
>> if I set here ShibRequireSession Off ( to reflect requireSession 0 on the old server config) , then I get a "Unauthorized"
>> response :
> Because you changed the require rule from "shibboleth", a dummy rule for passive content protection, to "shib-session", which means "a session has to exist, doesn't matter what the data is". You're changing things that don't need to be changed.
you'r right , I miss interpreted
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPhtaccess
considering the "shibboleth" dummy rule to be a bad choice, finally
shib-session was worse in my case
I moved back to
<Location /shibwayf>
* ShibRequireSession Off*
AuthType shibboleth
* require shibboleth*
</Location>
and now it works fine
>
> What has been posted is physically impossible, so the script itself is at fault somewhere. I don't know Perl particularly, or anything about the specifics of the environment, but the data's there, your script just isn't getting to it for reasons unrelated to the SP.
>
> It's not an environment/header issue, since the built-in data is showing up as variables and not headers (no HTTP_ prefix).
I do have now
REMOTE_USER = procacci at int.fr
eppn = procacci at int.fr
thanks .
>
> -- Scott
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180126/11799361/attachment.html>
More information about the users
mailing list