comanage-users - Re: [comanage-users] SAML vars in self-service enrollment
Subject: COmanage Users List
List archive
- From: Benn Oshrin <>
- To: Paul Caskey <>
- Cc: "" <>
- Subject: Re: [comanage-users] SAML vars in self-service enrollment
- Date: Mon, 17 Apr 2017 18:39:35 -0400
- Ironport-phdr: 9a23:WC5gXh95vQscW/9uRHKM819IXTAuvvDOBiVQ1KB32+wcTK2v8tzYMVDF4r011RmSDNudsawP0rWL+4nbGkU4qa6bt34DdJEeHzQksu4x2zIaPcieFEfgJ+TrZSFpVO5LVVti4m3peRMNQJW2aFLduGC94iAPERvjKwV1Ov71GonPhMiryuy+4ZPebgFJiTanf79/LRq6oRjTu8QWnIBvNrs/xhzVr3VSZu9Y33loJVWdnxb94se/4ptu+DlOtvwi6sBNT7z0c7w3QrJEAjsmNXs15NDwuhnYUQSP/HocXX4InRdOHgPI8Qv1Xpb1siv9q+p9xCyXNtD4QLwoRTiv6bpgRQT2gykbKTE27GDXitRxjK1FphKhuwd/yJPQbI2MKfZyYr/RcdYcSGFcXMheSjZBD5uhYYURAeoPPeVWoYfzqFQBrxSxGQaiCfjzyj9RnHL6wbE23uohHAzAwQcuH8gOsHPRrNjtKaodT+a1zK/VxjvadPNW2S396InOchs8pvyDRqx/cczXyUkoDA7Fj1OQqZD7MDOP0OQCrXSb4/R6We2xlmEnthh8rz6yzckvkonEnpwZxkzH+CljxIs4J8e0RFN1bNK6CpdcqT2WOohuTs8/X21luzw2x7MatZKhYiQG1YorywTBZ/GIcYWF5A/oWvyLLjdinn1lfaqyhxas/kikze3xTsm00FFPripEjNbMs2oC1x3X6sSeUPRw/V2t2TmV2w/O8OFLP1o7la/bK54m2b4wioAfvljEHi/zgEn2jamWeVs4+uWw9ejrfrbrqoWYOoJ2kA3yL6ojltKlDegmLgQDXHCX+eGm273i+U35Tq9KjvozkqTBq5/VO8Ibpqi+AwJO04Yj7Qq/ACm80NQeg3YHMExJdAiZgIf0JlHCOOr4Auung1SwjDdrwOjLMaHmApXINHfDlq3ufblj5EJF1Qoz1s5Q54hPCrwaJPLzW1TxtMDDDhMnKQC0wuDnCMlj2YMEX2KAHLOZPL3IvVCW++0vPvGGZJUJtzblN/gl+/nugGchmVABZ6apxpgXZ264H/l9IkWZZ2bsjckbEWcMoAU+UPLmhEecXjFOenbhF547swkyFYbuJo7YRY28yOiZ1y6gHZBHTmFAFl2WF3r0LcOJV+paOwyIJco0uDECU/CGUI871Bfm4AX3zbxgBuvS5iACs5//jp546/CFxkJ6ziB9E8nIizLFdGpzhG5dAmZuhK0=
You typically would have something like this in your apache config...
<Directory /var/www/html/registry/auth/login/>
AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user
</Directory>
<Location /registry>
AuthType shibboleth
Require shibboleth
</Location>
You only want to trigger authentication on the login pages, but you want
the ENV variables set on other requests. You don't want to explicitly
list enrollment URLs since in general there's not guarantee they won't
change.
Thanks,
-Benn-
On 4/17/17 12:22 PM, Paul Caskey wrote:
> First of 2 quick questions…
>
>
>
> Is the right way to use IdP-asserted SAML vars in self-service
> enrollment to just shibb-protect the enrollment URL?
>
>
>
> The mappings from env vars to form fields seems to be in place…
>
>
>
> Thanks!
>
- [comanage-users] SAML vars in self-service enrollment, Paul Caskey, 04/17/2017
- Re: [comanage-users] SAML vars in self-service enrollment, Benn Oshrin, 04/17/2017
- RE: [comanage-users] SAML vars in self-service enrollment, Paul Caskey, 04/17/2017
- Re: [comanage-users] SAML vars in self-service enrollment, Dave Dykstra, 04/19/2017
- Re: [comanage-users] SAML vars in self-service enrollment, Kevin Foote, 04/19/2017
- Re: [comanage-users] SAML vars in self-service enrollment, Benn Oshrin, 04/17/2017
Archive powered by MHonArc 2.6.19.