[shib_auth] can someone please provide some input to this problem?
Tommy Peterson
Tommy.Peterson at xpandcorp.com
Mon Jun 6 20:26:56 CEST 2011
Thanks for the response. And I have suspected all along something like this. However, I am not a Drupal expert and wasn't aware of LiveHTTPHeaders.
Anyway, when you said that splitting up the site for authenticated and unauthenticated parts isn't pratical . . . has this never been done with this module?
Thanks again.
-----Original Message-----
From: shib_auth-bounces at listserv.niif.hu [mailto:shib_auth-bounces at listserv.niif.hu] On Behalf Of Kristof Bajnok
Sent: Monday, June 06, 2011 2:24 PM
To: shib_auth at listserv.niif.hu
Subject: Re: [shib_auth] can someone please provide some input to this problem?
On 2011. June 6. 18:23:59 Tommy Peterson wrote:
> If I go any deeper (which I need to as I want to force authentication not
> to the entire site but to specific parts) I get the shibboleth log in page
> but after that nothing really happens. I get no error messages. I am not
> authenticated as I don’t see the headers. And the “sign in” link still
> appears on Drupal.
Then you are most probably staying in an URL which is not protected by
Shibboleth.
Please trace the requests with LiveHTTPHeaders to keep track of the multiple
redirects. Also note that for loading a page, your browser performs a handful
of requests for content that might be located at different paths within your
webserver. Apparently for some path Shibboleth is not turned on, therefore the
SP does not populate the header.
As I already said, I'm not sure that splitting your site to authenticated and
unauthenticated parts is something practically feasible with Apache.
On Wed May 25 18:32:32 2011 I wrote:
"I wouldn't do that, because I don't know Drupal request paths enough. If you
do, go ahead. Examine the requests with LiveHTTPHeaders or something similar.
If Drupal does not change its behaviour (what it can, it's not a public API
AFAIK), you can record the paths to the list of the exceptions. You will get
all the CSS, pictures, fancy blocks, etc.
IMHO it's a very slippery slope."
Kristof
_______________________________________________
shib_auth mailing list
shib_auth at listserv.niif.hu
https://listserv.niif.hu/mailman/listinfo/shib_auth
This message contains Devin Group confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this e-mail in error and delete this e-mail from your system. E-mail transmissions cannot be guaranteed secure, error-free and information could be intercepted, corrupted, lost, destroyed, arrive late, incomplete, or contain viruses. The sender therefore does not accept liability for errors or omissions in the contents of this message which may arise as result of transmission. If verification is required please request hard-copy version.
More information about the shib_auth
mailing list