PathRegex help requested
Kevin Donn
kdonn at msedd.com
Wed Jun 29 15:56:14 UTC 2022
First post - apologies in advance if I'm violating any norms.
I'm using Shibboleth SP 3.2.3 on Windows Server 2019 with IIS. It has
been in production for quite a long time and working fine. I noticed at
some point that it was protecting a path that shouldn't be protected so
I added a rule for it like so:
<Host name="xx.xxxxx.com" authType="shibboleth" requireSession="true">
<Path name="api" authType="shibboleth" requireSession="false"/>
<Path name="images" authType="shibboleth" requireSession="false"/>
<Path name="Framework/EmailSimple.aspx" authType="shibboleth" requireSession="false"/>
<Path name="Framework/Help.aspx" authType="shibboleth" requireSession="false"/>
</Host>
It's the "EmailSimple.aspx" that I wanted to unprotect. But it turns out
that there are several pages that all begin "Email" that also shouldn't
be protected, so I decided to try to use PathRegex to cover them all
like so:
<Host name="xx.xxxxx.com" authType="shibboleth" requireSession="true">
<Path name="api" authType="shibboleth" requireSession="false"/>
<Path name="images" authType="shibboleth" requireSession="false"/>
<Path name="Framework/EmailSimple.aspx" authType="shibboleth" requireSession="false"/>
<PathRegex regex="framework/email.*.aspx" authType="shibboleth" requireSession="false" />
<Path name="Framework/Help.aspx" authType="shibboleth" requireSession="false"/>
</Host>
I've tried every variation of this I can imagine, but I haven't gotten
anything to work. Any ideas of what I might be doing wrong or how to go
about debugging it?
kd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220629/36bbd272/attachment.htm>
More information about the users
mailing list