<div>Hi,</div><div> </div><div>We are having an issue with our P3P headers not being detected in our Shibboleth posting URL - <a>https://[our</a> domain]/<span style="font-family:"Calibri","sans-serif";font-size:11pt">Shibboleth.sso/SAML2/POST</span></div>
<div> </div><div>We are running Shibboleth 2.3.1 and Apache 2.2</div><div>We have added the following line to the virtual host in Apache's ssl configuration file. </div><div>Header set P3P "CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\", policyref=\"/w3c/p3p.xml\"" </div>
<div> </div><div>We are able to detect the P3P headers in all pages in the website except for the ones that are related to Shibboleth - <a>https://[our</a> domain]/<span style="font-family:"Calibri","sans-serif";font-size:11pt">Shibboleth.sso/SAML2/POST itself and the configured error pages.</span></div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span> </div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt">We also have an issue with clients' IFrame application blocking our cookies because it cannot detect the P3P headers.</span></div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span> </div><span style="font-family:"Calibri","sans-serif";font-size:11pt"><div><span style="font-family:"Calibri","sans-serif";font-size:11pt">Our application works as followed - </span></div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt">Our client has the application in an IFRAME. </span></div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt">It submits an authentication to <a>https://[our</a> domain]/<span style="font-family:"Calibri","sans-serif";font-size:11pt">Shibboleth.sso/SAML2/POST (No P3P headers detected, cookies blocked by IE)</span></span></div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"><span style="font-family:"Calibri","sans-serif";font-size:11pt">Once it is validated, they are redirected to our application's home page <a>https://[our</a> domain]/[indexPage] (We are able to detect P3P headers, no issues)</span></span></div>
</span><div></div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt">I would like to know what I need to do to get the headers set, which configuration do I need to change in Shibboleth (or Apache). We are hoping to set the p3p headers or to have our clients' IE browser not block our cookies.</span></div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span> </div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt">All help is greatly appreciated.</span></div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span> </div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt">Sincerely,<br>Grace</span></div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span> </div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt"><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span></span> </div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span></span> </div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt"><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span></span> </div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span></span> </div><div><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span> </div>
<div><span style="font-family:"Calibri","sans-serif";font-size:11pt"></span> </div>