Setting up Shibboleth to secure part of a website

Posted by HorusKol on Server Fault See other posts from Server Fault or by HorusKol
Published on 2011-01-06T00:51:08Z Indexed on 2011/01/06 0:56 UTC
Read the original article Hit count: 306

I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled)

I then proceeded to secure a directory on the server by placing a .htaccess file with the following directives:

AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user

Now - I haven't set up an SSL host yet - and I also haven't set up the IdP - but I would expect that the server would block access to this directory - but I'm getting the content without any problems.

I have restarted the apache service and I have no errors in the log files.

© Server Fault or respective owner

Related posts about apache

Related posts about ubuntu