Use HTTP verb in Service Provider request mapper
Fabien BERTEAU
fabien.berteau at manomano.com
Wed Oct 20 16:01:27 UTC 2021
Hi,
I would like to use SAML/Shibboleth technology in order to make a prototype
that will protect our web services with a Shibboleth Service Provider. Our
security policy would be based not only on the host and the path but also
on the HTTP verb. For example,
https://browserapi.manomano.fr/api/v1/products/... need a public/not
authenticated access on a HTTP GET, but requires an authenticated one on
the other verbs.
How can this be done ?
Best regards
Fabien Berteau | Security Architect
Bordeaux
fabien.berteau at manomano.com <aurelien.lajoie at manomano.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20211020/04064528/attachment.htm>
More information about the users
mailing list