Shibboleth with AWS Cloudfront

Wessel, Keith kwessel at illinois.edu
Thu Nov 14 10:53:33 EST 2019


But I assume that the two shibboleth2.xml settings (handlerSSL="false" and cookieProps="http" still need to be set?

Keith


-----Original Message-----
From: users <users-bounces at shibboleth.net> On Behalf Of Cantor, Scott
Sent: Thursday, November 14, 2019 9:50 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: Shibboleth with AWS Cloudfront

On 11/14/19, 9:56 AM, "users on behalf of Wessel, Keith" <users-bounces at shibboleth.net on behalf of kwessel at illinois.edu> wrote:

> Interesting. Is that different in 3 than it used to be in 2? That 
> wasn't my past experience when putting services behind SLBs that also offloaded SSL.

The SP generally just applies behavior based on the URL it operates on, and that URL should be https:// in such a case, that's really all that matters (I mean, in the broad sense, the scheme, port, and host are the factors here).

> More importantly, which settings does one need to make for this to work behind an SSL-offloading SLB?

ServerName, that's it.

-- Scott


--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net


More information about the users mailing list