Shibboleth with AWS Cloudfront

Sylvia, Shannon s.sylvia at northeastern.edu
Wed Nov 13 18:25:01 EST 2019


Thanks so much.

I have changed the configuration several times, and I believe that I tested allowing http traffic.

I will admit that I know very little about Shibboleth, and I am just becoming familiar with AWS.

I will look at the configuration file again and adjust if needed.

Thanks,
S. Sylvia

From: users <users-bounces at shibboleth.net> on behalf of "Wessel, Keith" <kwessel at illinois.edu>
Reply-To: Shib Users <users at shibboleth.net>
Date: Wednesday, November 13, 2019 at 6:15 PM
To: Shib Users <users at shibboleth.net>
Subject: RE: Shibboleth with AWS Cloudfront

Is your AWS load balancer speaking http instead of https to the web server running the SP? If so, you need to get the SP to accept cookies and traffic from non-HTTPS endpoints.

Keith


From: users <users-bounces at shibboleth.net> On Behalf Of Sylvia, Shannon
Sent: Wednesday, November 13, 2019 5:10 PM
To: users at shibboleth.net
Subject: Shibboleth with AWS Cloudfront

Hello all,

I have spent days trying to understand why simple index.html websites that work fine in our in-house Linux environment using Shibboleth with the same configuration files go into a loop when I create the websites on AWS, using AWS Linux 2, AWS Application Load Balancer, CloudFront and Route 53.

It all appears to go through and connect to the IdP; it brings back the IdP metadata. I am told the IdP is able to update the SP metadata.

It is simply using Apache 2.4 on AWS Linux 2 – very straightforward. It is not using Elastic IPs, so the IP addresses are not fixed.

Does anyone have suggestions for this architecture?

Thanks so much in advance,
S. Sylvia
