Ticket #19 (enhancement)
Opened 2 years ago
Last modified 2 years ago
/tools URL needs an externa-auth equivalent
Status: new
| Reported by: | jpr@openidp.org | Assigned to: | jpr@openidp.org |
|---|---|---|---|
| Priority: | standard | Keywords: | shibboleth-sp config tools |
| Cc: |
The http://myvocs-box/tools page presents a printenv.pl and sample.txt page under the /tools/secure path that require authn to access. With the default shibboleth configuration these tools are protected by the "internal" shibboleth config, that is they will show values and base decisions on the attributes asserted by the vo idp. This is OK.
There needs to be an equivalent for external authn as well, eg. /tools/secext that is protected but only requires authn from external idps. This can be done with the extra dir and with a rule in the /etc/shibboleth-sp/shibboleth.xml to tie it into the external authn camp.
Work around: cp -rp /var/www/myvocs-box/tools/secure/ /var/www/myvocs-box/tools/secext