rewrite/redirect just after authentication
Marco Broglia
marco.broglia at mutex.it
Wed Apr 13 09:04:57 UTC 2022
Hello,
we have idp v4.1.6 and sp v3.2.3. In our Apache vh config file:
--
<Location />
AuthType shibboleth
ShibRequestSetting requireSession true
Require shib-session
</Location>
RewriteCond %{LA-U:REMOTE_USER} .+
RewriteRule ^/(.*) https://.../$1 [R,L]
--
The two goals are:
[major] redirect only auth'ed user to another (external) url
[minor] curl the metadata: curl https://<vh>/Shibboleth.sso/Metadata
Two problems:
- [major] I have two warn/err messages for each authentication:
- in shibd(_warn).log:
/WARN Shibboleth.SSO.SAML2 [21] [default]: error processing incoming
assertion: Invalid HTTP method (GET)/
- in Apache error_log:
/[mod_shib:error] [...] Invalid HTTP method (GET)., referer:
//https://idp...it/ <https://idp.unibocconi.it/>/
- [minor] curl returns bad metadata (two concatenated output) when the
RewriteCond/Rule is present (it's ok without the rules)
Thanks in advance.
Marco.
--
% Marco Broglia
% via per Vimodrone 9, 20093 Cologno Monzese (MI)
% email:marco.broglia at mutex.it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220413/1182450c/attachment.htm>
More information about the users
mailing list