error document & public directory

Václav Mach machv at
Mon Sep 17 08:45:36 EDT 2018

On 09/17/2018 02:14 PM, Peter Schober wrote:
> * Václav Mach <machv at> [2018-09-17 14:01]:
>> On 09/17/2018 01:57 PM, Václav Mach wrote:
>>> Is this intended behavior? Any more thought on this?
>> The directory /test was not existing, so that was the problem. Ignore
>> previous mail.
> That should be irrelevant for a <Location> directive.
> Protection would be enforced even if after auth passes you'd get a 404
> Not Found error.

Solved by:

<Location "/">
     AuthType shibboleth
         Require shibboleth
         ShibRequestSetting requireSession 1
         Require shib-attr perunUniqueGroupName test
     ErrorDocument 401 /unauthorized.html
<Location "/unauthorized.html">
     AuthType shibboleth
     Require shibboleth
     ShibRequestSetting requireSession 0

While this works fine, Alan Buxey mentioned that this could lead to 
unexpected URI circumvention.

I assume i should use Files directive instead of Location for the 
unauthorized.html file, but this does not work.

Václav Mach
tel: +420 234 680 206
CESNET, z.s.p.o.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3710 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the users mailing list