general questions

Nate Klingenstein ndk at
Sun Jul 8 09:49:35 EDT 2018


You can configure Shibboleth to protect pages based on a variety of rules or you can configure the web server itself to do enforcement of identity requirements itself.  Otherwise, you're going to need to define "conditional" for a better answer.

If the landing page and the application are on the same server and should be considered part of the same security area, then you can relay session information between them.  Do it with great deliberacy, because you're effectively building your own SSO protocol if you're trying to remote identity away from applications: that is what SAML itself was designed for, after all.

Take care,
-----Original message-----
> From: Starkey, Don [BSD] - CRI
> Sent: Sunday, July 8 2018, 6:38 am
> To: users at
> Subject: general questions
> Hello,
> couple of quick questions.
> Is it possible to conditionally Shibboleth protect  a page?  For example, we would like developers to do local programming work without having to go through Shibboleth.
> Can a landing page route a user to the application, for example using a response redirect?
> Don Starkey
> Lead Web Application Developer
> Center for Research Informatics
> The University of Chicago
> 5454 S. Shore Drive, 1D
> Chicago, IL 60637
> Phone:  773-834-4809
> Email:  dstarkey at<mailto:jjohnso3 at>
> -- 
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list