general questions
Nate Klingenstein
ndk at dewpoint.id
Sun Jul 8 09:49:35 EDT 2018
Don,
You can configure Shibboleth to protect pages based on a variety of rules or you can configure the web server itself to do enforcement of identity requirements itself. Otherwise, you're going to need to define "conditional" for a better answer.
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPProtectContent
If the landing page and the application are on the same server and should be considered part of the same security area, then you can relay session information between them. Do it with great deliberacy, because you're effectively building your own SSO protocol if you're trying to remote identity away from applications: that is what SAML itself was designed for, after all.
Take care,
Nate.
-----Original message-----
> From: Starkey, Don [BSD] - CRI
> Sent: Sunday, July 8 2018, 6:38 am
> To: users at shibboleth.net
> Subject: general questions
>
> Hello,
>
> couple of quick questions.
>
> Is it possible to conditionally Shibboleth protect a page? For example, we would like developers to do local programming work without having to go through Shibboleth.
>
> Can a landing page route a user to the application, for example using a response redirect?
>
>
>
> Don Starkey
> Lead Web Application Developer
>
> Center for Research Informatics
> The University of Chicago
> 5454 S. Shore Drive, 1D
> Chicago, IL 60637
> Phone: 773-834-4809
> Email: dstarkey at bsd.uchicago.edu<mailto:jjohnso3 at bsd.uchicago.edu>
> --
> For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
More information about the users
mailing list