Shibboleth SP w/IIS - satisfy with valid Session or IP range?

Robert Rust robert.j.rust at
Mon Apr 13 15:12:13 EDT 2020


I’m wondering if there’s a way to protect a directory in IIS such that access will always be allowed from certain IPs but others will be required to have a Shibboleth SP session. The application I’m protecting doesn’t really care about the person’s identity, so this is more about restricting access to people in a certain physical location (IP block) or who are at all affiliated (can authenticate). It’s something that I think is straight-forward to do with Apache httpd, but my Googling is not turning up how I can do it with IIS. Is there anybody on the list that can point me in the right direction for accomplishing it?

Robert J. Rust
Systems Administrator
Division of Technology Services
Univ. of Wisc. - River Falls
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list