Setting up Shibboleth to secure part of a website
Posted
by
HorusKol
on Server Fault
See other posts from Server Fault
or by HorusKol
Published on 2011-01-06T00:51:08Z
Indexed on
2011/01/06
0:56 UTC
Read the original article
Hit count: 306
I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled)
I then proceeded to secure a directory on the server by placing a .htaccess file with the following directives:
AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user
Now - I haven't set up an SSL host yet - and I also haven't set up the IdP - but I would expect that the server would block access to this directory - but I'm getting the content without any problems.
I have restarted the apache service and I have no errors in the log files.
© Server Fault or respective owner