RequestMap for IIS
tdoan at smu.edu
Fri Mar 6 13:05:39 EST 2020
Right, so if I don’t protect the Host element I have to protect everything else with a few exceptions, so that’s the idea for the PathRegex element here. I have no control over what content the developers might add to the site over time. Maybe this is just how it’s done but wanted a review.
<Host name="mysite.school.edu" authType="shibboleth" >
<PathRegex regex=".*" requireSession="true" />
From: users <users-bounces at shibboleth.net> On Behalf Of Cantor, Scott
Sent: Friday, March 6, 2020 11:51 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: RequestMap for IIS
On 3/6/20, 12:45 PM, "users on behalf of Doan, Tommy" <users-bounces at shibboleth.net on behalf of tdoan at smu.edu<mailto:users-bounces at shibboleth.net%20on%20behalf%20of%20tdoan at smu.edu>> wrote:
> So what I lack is ability in the RequestMap to not protect the root –
> if I could accomplish that I think everything gets more straightforward.
It doesn't protect anything by default. The true root is only going to match the rule in the Host element.
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users