Anyone securing an Angular application
Starkey, Don [BSD] - CRI
dstarkey at bsd.uchicago.edu
Thu Jul 19 10:49:48 EDT 2018
Hello,
I am having trouble securing my Angular application. The same shib setup works fine for .net apps and web form sites. So that is not an issue. However, when I try to use the same shib setup to secure the angular application it does not work. In order to isolate the problem, I removed the catchall route. This let me see that the shib is trying to connect but it just displays the shib error page. Following error in Dev Toolbox.
GET https://shibboleth2.uchicago.edu/idp/profile/SAML2/Redirect/SSO?SAMLhttps://shibboleth2.uchicago.edu/idp/profile/SAML2/Redirect/SSO?<https://shibboleth2.uchicago.edu/idp/profile/SAML2/Redirect/SSO?SAML>SAML Request xxxxxxxx
500 server error, and Shib simply displays error page without giving option to sign in
Also:
Cross-Origin Read Blocking (CORB) blocked cross-origin response https://shibboleth2.uchicago.eduhttps://shibboleth2.uchicago.edu
So I believe that CORS is blocking access to the shib provider, but I do not know how to disable this to allow my application to access the shib web site. Does anyone have an Angular application working and how did you set up the application to allow Shibboleth authentication.
Any help is greatly appreciated.
Thank you,
Don Starkey
Lead Web Application Developer
Center for Research Informatics
The University of Chicago
5454 S. Shore Drive, 1D
Chicago, IL 60637
Phone: 773-834-4809
Email: dstarkey at bsd.uchicago.edu<mailto:jjohnso3 at bsd.uchicago.edu>
More information about the users
mailing list