[shib_auth] can someone please provide some input to this problem?

[Kristof Bajnok]

On 2011. June 6. 18:23:59 Tommy Peterson wrote:
> If I go any deeper (which I need to as I want to force authentication not
> to the entire site but to specific parts) I get the shibboleth log in page
> but after that nothing really happens. I get no error messages. I am not
> authenticated as I don’t see the headers. And the “sign in” link still
> appears on Drupal.

Then you are most probably staying in an URL which is not protected by 
Shibboleth.
Please trace the requests with LiveHTTPHeaders to keep track of the multiple 
redirects. Also note that for loading a page, your browser performs a handful 
of requests for content that might be located at different paths within your 
webserver. Apparently for some path Shibboleth is not turned on, therefore the 
SP does not populate the header. 

As I already said, I'm not sure that splitting your site to authenticated and 
unauthenticated parts is something practically feasible with Apache.

On Wed May 25 18:32:32 2011 I wrote:
"I wouldn't do that, because I don't know Drupal request paths enough. If you 
do, go ahead. Examine the requests with LiveHTTPHeaders or something similar. 
If Drupal does not change its behaviour (what it can, it's not a public API 
AFAIK), you can record the paths to the list of the exceptions. You will get 
all the CSS, pictures, fancy blocks, etc.

IMHO it's a very slippery slope."

Kristof