Skip to Content.
Sympa Menu

shibboleth-dev - Re: Re: RE: Unprotect subfolder in shib protected directory

Subject: Shibboleth Developers

List archive

Re: Re: RE: Unprotect subfolder in shib protected directory


Chronological Thread 
  • From:
  • To:
  • Subject: Re: Re: RE: Unprotect subfolder in shib protected directory
  • Date: Tue, 5 Jun 2007 10:45:49 -0400 (EDT)

The answer to this may be of interest to no one but myself, but I finally
managed to get this to work and figured I'd throw this out there.

To restate: the problem is that shibboleth protects the URL
https://bb.uth.tmc.edu/webapps and everything below that, but there's a jsp
that an outside application needs to get at via http without authenticating
at http://bb.uth.tmc.edu/webapps/Teg-Tegrity-bb_bb60/getImsApi.jsp

Here's what I did (I think the first step was the key):
1. In /opt/shibboleth-sp/etc/shibboleth/apache.config
I replaced:
<Location /webapps>
AuthType shibboleth
ShibExportAssertion On
require valid-user
</Location>

with:
<Location /webapps>
AuthType shibboleth
require shibboleth
</Location>

2. In /opt/shibboleth-sp/etc/shibboleth/shibboleth.xml
I replaced the protected folder list on bb.uth:
<Host name="bb.uth.tmc.edu">
<Path name="webapps" authType="shibboleth" requireSession="true"
exportAssertion="true" >
</Path>
<Path name="bin" authType="shibboleth" requireSession="true"
exportAssertion="true" >
</Path>
</Host>

...with:

<Host name="bb.uth.tmc.edu">
<Path name="webapps" authType="shibboleth" requireSession="true"
exportAssertion="true" >
<Path name="Teg-Tegrity-bb_bb60" requireSession="false"/>
</Path>
</Host>



Archive powered by MHonArc 2.6.16.

Top of Page