Secure » History » Version 1
Redmine Admin, 01/10/2017 09:32 AM
| 1 | 1 | Redmine Admin | h1. /secure |
|---|---|---|---|
| 2 | |||
| 3 | We have a generic directory for protected resources, it is called /secure. If you do not supply any path the shib_test.pl will be run. In our case it is served by apache (but the protection is in nginx) |
||
| 4 | |||
| 5 | apache conf |
||
| 6 | <pre> |
||
| 7 | RewriteRule ^/secure$ /secure/ [R,NE,L] |
||
| 8 | <Location /secure> |
||
| 9 | Options +ExecCGI |
||
| 10 | AddHandler cgi-script .pl |
||
| 11 | DirectoryIndex shib_test.pl |
||
| 12 | AddHandler cgi-script .py |
||
| 13 | </Location> |
||
| 14 | </pre> |
||
| 15 | |||
| 16 | The shib_test.pl script basically goes through the headers/env and checks whether you have the required ones. |
||
| 17 | The script allows some customization (if your shibboleth exports under different names) http://clarin.eu/content/testing-which-attributes-identity-provider-releases. |
||
| 18 | The script might "wrongly" report missing attributes in certain setups https://trac.clarin.eu/ticket/743 |