<div>Hi,</div><div> </div><div>We are having an issue with our P3P headers not being detected in our Shibboleth posting URL - <a>https://[our</a> domain]/<span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">Shibboleth.sso/SAML2/POST</span></div>

<div> </div><div>We are running Shibboleth 2.3.1 and Apache 2.2</div><div>We have added the following line to the virtual host in Apache&#39;s ssl configuration file. </div><div>Header set P3P &quot;CP=\&quot;IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\&quot;, policyref=\&quot;/w3c/p3p.xml\&quot;&quot; </div>

<div> </div><div>We are able to detect the P3P headers in all pages in the website except for the ones that are related to Shibboleth  - <a>https://[our</a> domain]/<span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">Shibboleth.sso/SAML2/POST itself and the configured error pages.</span></div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span> </div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">We also have an issue with clients&#39; IFrame application blocking our cookies because it cannot detect the P3P headers.</span></div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span> </div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">Our application works as followed - </span></div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">Our client has the application in an IFRAME. </span></div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">It submits an authentication to <a>https://[our</a> domain]/<span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">Shibboleth.sso/SAML2/POST  (No P3P headers detected, cookies blocked by IE)</span></span></div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">Once it is validated, they are redirected to our application&#39;s home page <a>https://[our</a> domain]/[indexPage] (We are able to detect P3P headers, no issues)</span></span></div>

</span><div></div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">I would like to know what I need to do to get the headers set, which configuration do I need to change in Shibboleth (or Apache).  We are hoping to set the p3p headers or to have our clients&#39; IE browser not block our cookies.</span></div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span> </div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">All help is greatly appreciated.</span></div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span> </div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt">Sincerely,<br>Grace</span></div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span> </div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span></span> </div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span></span> </div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span></span> </div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span></span> </div><div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span> </div>

<div><span style="font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;font-size:11pt"></span> </div>