shibboleth-dev - RE: Apache mod & POST filtering
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: Apache mod & POST filtering
- Date: Thu, 24 Jan 2008 15:52:08 -0500
- Organization: The Ohio State University
> Thank you Scott - Not having implemented Shib (yet), I was under the
> (seemingly mistaken) impression that POST'd content to a <Location>
> containing "AuthType Shibboleth" would first be checked by mod_shib to
> look for SAML, and otherwise passed through.
The auth type dictates whether mod_shib looks for a session cookie, but has
nothing to do with SAML protocol messages. Those are dealt with at the
handler location(s) (/Shibboleth.sso/Foo) and that's what uses
getRequestBody.
If I tried to redirect POSTs on timeout, then I'd have to solve this
problem, and since it can't be solved in IIS 5 or 6 at all, I haven't
bothered so far.
-- Scott
- OT: Apache mod & POST filtering, Smith, Matt, 01/24/2008
- RE: Apache mod & POST filtering, Scott Cantor, 01/24/2008
- RE: Apache mod & POST filtering, Smith, Matt, 01/24/2008
- RE: Apache mod & POST filtering, Scott Cantor, 01/24/2008
- RE: Apache mod & POST filtering, Smith, Matt, 01/24/2008
- RE: Apache mod & POST filtering, Scott Cantor, 01/24/2008
Archive powered by MHonArc 2.6.16.