Skip to Content.
Sympa Menu

comanage-users - RE: [comanage-users] SAML vars in self-service enrollment

Subject: COmanage Users List

List archive

RE: [comanage-users] SAML vars in self-service enrollment


Chronological Thread 
  • From: Paul Caskey <>
  • To: Benn Oshrin <>
  • Cc: "" <>
  • Subject: RE: [comanage-users] SAML vars in self-service enrollment
  • Date: Mon, 17 Apr 2017 22:48:29 +0000
  • Accept-language: en-US
  • Authentication-results: internet2.edu; dkim=none (message not signed) header.d=none;internet2.edu; dmarc=none action=none header.from=internet2.edu;
  • Ironport-phdr: 9a23:5CnP0xPS7UVxEQHqO+Ql6mtUPXoX/o7sNwtQ0KIMzox0I/z9rarrMEGX3/hxlliBBdydsKMazbCI+Pm/BCQp2tWoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7Ovr6GpLIj8Swyuu+54Dfbx9GiTe5YL5+Ngu6oATeusULg4ZvKrs6xwfUrHdPZ+lY335jK0iJnxb76Mew/Zpj/DpVtvk86cNOUrj0crohQ7BAAzsoL2465MvwtRneVgSP/WcTUn8XkhVTHQfI6gzxU4rrvSv7sup93zSaPdHzQLspVzmu87tnRRn1gyocKTU37H/YhdBxjKJDoRKuuRp/w5LPYIqIMPZyZ77Rcc8GSWZEWMtaSi5PDZ6mb4YXD+QPI/tWr5XzqVUNoxuxBwisC//gxDBHnXL2wbQ63/g9HQ3awAAsAdQDu2nUotXvM6cSVPi4wrPSwjXea/NdxCnw55LTchAiv/6NXa97fM3JyUYzDQzFlVaQppLlPj6O1+QNtXSb4PR6VeKplWEntx99riKxycgxl4nEn4QYwU3H+yVh2Is5O8e3RFJmbdOhDZdcqjyWOo54Qs4tX21kpCM3x78YtpO0fCUHzZEqywDDZ/Caa4SF5hDuWPyTLDp6nn5pZbayihSo/US91+HxWc+520tQoCVfiNnDrHUN2gTT6seZTvt9+V+s1y6T2g7U9u1IP1k4mLTZJJI827IwkYEcvlrZEi/xhUX2kLSZdkI5+uiu9uvreK3mpoWbN49olA7xLrgums24AeQ+KAQOWHWb+fi41L3k+k35Q69GgeExkqncqJzaJMIbqbClAwJNzIos8QqzAyqj3dgFgHULMVdIeByIgoT1J13DJfL1AumwjlmslTpmwu7KMqH8DpnVK3jMirbhfbJz605GzwozyMhS54pIBb4bO/LzWVH+tdzDAx84NQy03/joCM971owARWKDHLWVP73Pvl+V/u4vOfWDZJcJuDbhLPgo/+LhjXg8mVAHe6mmx5QXZ26hEvR7OEWWf2DsgswaHGcOvwo+V/DqiEacXTJJZnayWb486S8hCIKgE4jDWp6hjKaf0yimA50FLlxBX3qBF3GgUJ6EQfYKIHaYL8lnlRQFU6SsUYksyUvouQPnnelJNO3RrxURqJar/9Fu5ODC3UUq/jVvDMmM+2CLU2xumG4UHXk70L0p8h818UuKzaUt268QLtdU/f4cF15ibZM=
  • Spamdiagnosticoutput: 1:0

Ah - thanks!

> -----Original Message-----
> From: Benn Oshrin
> [mailto:]
> Sent: Monday, April 17, 2017 5:40 PM
> To: Paul Caskey
> <>
> Cc:
>
> Subject: Re: [comanage-users] SAML vars in self-service enrollment
>
> You typically would have something like this in your apache config...
>
> <Directory /var/www/html/registry/auth/login/>
> AuthType shibboleth
> ShibRequestSetting requireSession 1
> Require valid-user
> </Directory>
>
> <Location /registry>
> AuthType shibboleth
> Require shibboleth
> </Location>
>
> You only want to trigger authentication on the login pages, but you want the
> ENV variables set on other requests. You don't want to explicitly list
> enrollment URLs since in general there's not guarantee they won't change.
>
> Thanks,
>
> -Benn-
>
> On 4/17/17 12:22 PM, Paul Caskey wrote:
> > First of 2 quick questions...
> >
> >
> >
> > Is the right way to use IdP-asserted SAML vars in self-service
> > enrollment to just shibb-protect the enrollment URL?
> >
> >
> >
> > The mappings from env vars to form fields seems to be in place...
> >
> >
> >
> > Thanks!
> >



Archive powered by MHonArc 2.6.19.

Top of Page