[shib_auth] HTTPS vs HTTP Help ASAP.

Luke Cameron lcameron at cityplym.ac.uk
Tue Jun 28 21:32:31 CEST 2011 

I see, I am not a drupal developer I deal with Shibboleth where I work.
An external company are doing the drupal setup. At moment they click
Shibboleth Login, it then redirects to my IdP page then it goes back to
https://localhost/drupal but I want to SSL the login then once in puts
them back on HTTP. 

I have ticked Force HTTPS on Login 

Hope that explains it. 

Luke

>>> "Peterson, Tommy"  06/28/11 8:23 PM >>>
<!--/* Font Definitions */@font-face{font-family:"Cambria
Math";panose-1:2 4 5 3 5 4 6 3 2
4;}@font-face{font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2
4;}@font-face{font-family:Tahoma;panose-1:2 11 6 4 3 5 4 4 2 4;}/* Style
Definitions */p.MsoNormal, li.MsoNormal,
div.MsoNormal{margin:0in;margin-bottom:.0001pt;font-size:12.0pt;font-family:"Times
New Roman","serif";}a:link,
span.MsoHyperlink{mso-style-priority:99;color:blue;text-decoration:underline;}a:visited,
span.MsoHyperlinkFollowed{mso-style-priority:99;color:purple;text-decoration:underline;}span.EmailStyle17{mso-style-type:personal;font-family:"Calibri","sans-serif";color:#1F497D;}span.EmailStyle18{mso-style-type:personal-reply;font-family:"Calibri","sans-serif";color:#1F497D;}.MsoChpDefault{mso-style-type:export-only;font-size:10.0pt;}@page
WordSection1{size:8.5in 11.0in;margin:1.0in 1.0in 1.0in
1.0in;}div.WordSection1{page:WordSection1;}-->Are you using the
shib_auth link on the standard Drupal login form?
 
I am not. I revised the standard Drupal log in page. It no longer shows
the remind password, log in, and set up a new account on a tabbed page.
When the user clicks *Log in* the IDP serves up its  log in page. If
they click create an account they are taken to Drupal*s page and the
same for remind password. I had to set up triggers on the table to take
care of the shib_authmap etc. So I guess I should say that I have
somewhat modify all of this. 
 
But my set up behaves as you suggested you are looking for below.
 
From: shib_auth-bounces at listserv.niif.hu
[mailto:shib_auth-bounces at listserv.niif.hu]On Behalf Of Luke Cameron
Sent: Tuesday, June 28, 2011 2:56 PM
To: shib_auth at listserv.niif.hu
Subject: Re: [shib_auth] HTTPS vs HTTP Help ASAP.


 
Hi Tommy,
How do you do that then...? because if I use the logged in redirect
within the plug-in, it seems to loop. But I don't think its a SP issue,
I think I may have issues with the plug-in.

Regards

Luke

>>> "Peterson, Tommy" 06/28/11 7:47 PM >>>


That is how mine works. They access HTTP. They log in via HTTPS form
page. Then it redirects them to HTTP. And I have HTTPS enabled on my
Shibboleth installation. And the user is still logged in.
 
--Tommy
 
From: shib_auth-bounces at listserv.niif.hu
[mailto:shib_auth-bounces at listserv.niif.hu]On Behalf Of Luke Cameron
Sent: Tuesday, June 28, 2011 2:40 PM
To: shib_auth at listserv.niif.hu
Subject: [shib_auth] HTTPS vs HTTP Help ASAP.


 
Hi All,
I have a web developer wanting to use Shib Authentication for Drupal, I
have setup the SP like normal with HTTPS enabled, but the web developer
wants them to login to Shib over HTTPS then redirect them back to HTTP
but when I try this in a test environment it wont work it shows them
logged out again. Can some confirm this is correct or a way of doing
what the web developer wants to do.

Regards

Luke Cameron 
 

This message contains Devin Group confidential information and is
intended only for the individual named. If you are not the named
addressee you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this
e-mail in error and delete this e-mail from your system. E-mail
transmissions cannot be guaranteed secure, error-free and information
could be intercepted, corrupted, lost, destroyed, arrive late,
incomplete, or contain viruses. The sender therefore does not accept
liability for errors or omissions in the contents of this message which
may arise as result of transmission. If verification is required please
request hard-copy version.




This message contains Devin Group confidential information and is
intended only for the individual named. If you are not the named
addressee you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this
e-mail in error and delete this e-mail from your system. E-mail
transmissions cannot be guaranteed secure, error-free and information
could be intercepted, corrupted, lost, destroyed, arrive late,
incomplete, or contain viruses. The sender therefore does not accept
liability for errors or omissions in the contents of this message which
may arise as result of transmission. If verification is required please
request hard-copy version.


 E-MAIL DISCLAIMER
 
This e-mail and any attachments are intended for the named recipient only and are to be treated as confidential unless the College agrees otherwise. If you are not the intended recipient, please notify the sender immediately deleting this e-mail without making copies or using it in any way. The College may be legally obliged to disclose e-mail communications in a response to a legitimate request pursuant to both the Freedom of Information Act 2000 and the Data Protection Act 1998. City College Plymouth reserves the right to monitor, in accordance with its legal obligations, any and all aspects of its e-mail system, including the content of e-mails received, but will not do so routinely. City College Plymouth cannot guarantee that this e-mail or any attachments to it are virus free and does not accept any liability for any damage, costs or loss resulting from any virus infection. Any views expressed in the message are those of the sender and may not necessarily reflect the views of the College.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://listserv.niif.hu/pipermail/shib_auth/attachments/20110628/14fb4d6e/attachment.htm>

More information about the shib_auth mailing list