Anyone securing an Angular application
Starkey, Don [BSD] - CRI
dstarkey at bsd.uchicago.edu
Fri Jul 20 10:56:53 EDT 2018
Are you saying that you cannot secure a client side application run in the browser with shibboleth? Do you have an example of how to do this if it is possible?
Thanks again,
Don
-----Original Message-----
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Peter Schober
Sent: Friday, July 20, 2018 2:15 AM
To: users at shibboleth.net
Subject: Re: Anyone securing an Angular application
* Starkey, Don [BSD] - CRI <dstarkey at bsd.uchicago.edu> [2018-07-19 16:50]:
> I am having trouble securing my Angular application. The same shib
> setup works fine for .net apps and web form sites.
Well, those others are running in the web server. Your Angular
application runs in the web browser. So completely different in every
way.
> So that is not an issue. However, when I try to use the same shib
> setup to secure the angular application it does not work.
The example I (and others) have provided works. You don't provide
technical details what you did and what specifically differs in your
requirements.
> the shib is trying to connect but it just displays the shib error
> page. Following error in Dev Toolbox.
>
> GET https://shibboleth2.uchicago.edu/idp/profile/SAML2/Redirect/SSO?SAMLhttps://shibboleth2.uchicago.edu/idp/profile/SAML2/Redirect/SSO?<https://shibboleth2.uchicago.edu/idp/profile/SAML2/Redirect/SSO?SAML>SAML Request xxxxxxxx
>
> 500 server error, and Shib simply displays error page without giving option to sign in
>
> Also:
>
> Cross-Origin Read Blocking (CORB) blocked cross-origin response https://shibboleth2.uchicago.edu
That's the consequence of your client-side JavaScript code trying to
follow the HTTP 302 to the IDP, which cannot work. You'll need to do a
full browser redirect to the IDP if you want to use the SAML Web
Browser SSO Profile.
-peter
--
For Consortium Member technical support, see https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_x_coFAAg&d=DwICAg&c=Nd1gv_ZWYNIRyZYZmXb18oVfc3lTqv2smA_esABG70U&r=SyA2YCI7HlJq7K2uJNf8XuCvAFTPQKOAB76WrUUQM8M&m=LMwCx0Xj4_eOxTxmtplTXT5oowThaqgB-DdWZIer6Oc&s=BFUoa3iwHOxtB_jYqshr2bALBzazURIabGj0kBzMepM&e=
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list