HOW to setup URL Redirect for accessing a Linux server?

Nate Klingenstein ndk at signet.id
Mon Nov 19 23:02:27 EST 2018 

Abby,

First, you should upgrade to the most recent release of the SP(3) when you can.

Second, it's not totally clear to me what you are looking to achieve.  It sounds like you have Shibboleth installed on an IIS server successfully, but you also want to use that authentication to protect resources running on a different server, your Linux machine.  Proxied authentication, basically.

If my guess is correct, then you're trying to propagate authentication from one server to another server.  Shibboleth sets user sessions and attributes locally.  Rewrite rules aside, you wouldn't have access to the authentication or attribute information from the IIS server on the Linux server unless you forward it along securely somehow.

The recommended option is installing the Shibboleth SP on the Linux server and turning it into an exposed SP.  That way, the IdP can interact directly with it.  It can even have the same entityID so your entire system looks like one logical service.

If that doesn't fit your use case, you would typically turn the IIS server into a proxy for the Linux server.  That can be done by having an IdP on your IIS server and an SP on the Linux server that talk only to each other, so there are 2 SAML transactions, or you could use another mechanism to relay the authentication and attribute information, but be certain that it's secure.

If I misunderstood what you're trying to accomplish, please offer more details about your use case.

Take care,
Nate.
 
-----Original message-----
> From: ayeungied
> Sent: Monday, November 19 2018, 8:16 pm
> To: users at shibboleth.net
> Subject: HOW to setup URL Redirect for accessing a Linux server?
> 
> 
> 
> Hi,
> 
> I am setting up the Shibboleth 2.x in Windows 2016 and IIS10. I can configure  the SAML authentication for the local IIS server. I have installed and configured the URL rewrite, the local reserves proxy has also been set for the local index.asp file.
> 
> In the shibboleth2.xml file
> 
> I have set it as
> 
> In the web configuration file in iis
> 
> I have set it as
> 
> However, I have no idea for how to set the rul rewrite to redirect the reverse proxy to a Linux server which named linuxteszz-webz.xxxx.us, the path is webzsup and the default page is index.php, would anyone point my nose to the right direction?
> 
> Big thanks.
> 
> Abby.
> 
> -----------
> 
> Sent from the Shibboleth - Users mailing list archive <http://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html> at Nabble.com.
> 
> --
> 
> For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
> 
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
> 
>

More information about the users mailing list