[shib_auth] HTTPS vs HTTP Help ASAP.

Tue Jun 28 22:47:34 CEST 2011

Hi,
So everything is setup correctly, I have read more into it and it could be the fact drupal things http connection hasnt had the user log in, but I dont know how to fix it...?

>>> "Peterson, Tommy"  06/28/11 8:35 PM >>>
<!--/* Font Definitions */@font-face{font-family:"Cambria Math";panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face{font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;}@font-face{font-family:Tahoma;panose-1:2 11 6 4 3 5 4 4 2 4;}/* Style Definitions */p.MsoNormal, li.MsoNormal, div.MsoNormal{margin:0in;margin-bottom:.0001pt;font-size:12.0pt;font-family:"Times New Roman","serif";}a:link, span.MsoHyperlink{mso-style-priority:99;color:blue;text-decoration:underline;}a:visited, span.MsoHyperlinkFollowed{mso-style-priority:99;color:purple;text-decoration:underline;}span.EmailStyle17{mso-style-type:personal;font-family:"Calibri","sans-serif";color:#1F497D;}span.EmailStyle18{mso-style-type:personal;font-family:"Calibri","sans-serif";color:#1F497D;}span.EmailStyle19{mso-style-type:personal-reply;font-family:"Calibri","sans-serif";color:#1F497D;}.MsoChpDefault{mso-style-type:export-only;font-size:10.0pt;}@page WordSection1{size:8.5in 11.0in;margin:1.0in 1.0in 1.0in 1.0in;}div.WordSection1{page:WordSection1;}-->Yes I have that checked as well.
And in the general settings I have 
https://hvcp2-qa-portal.hvcp.local/Shibboleth.sso/Login

I actually put https and check the checkbox.

From: shib_auth-bounces at listserv.niif.hu [mailto:shib_auth-bounces at listserv.niif.hu]On Behalf Of Luke Cameron
Sent: Tuesday, June 28, 2011 3:33 PM
To: shib_auth at listserv.niif.hu
Subject: Re: [shib_auth] HTTPS vs HTTP Help ASAP.

I see, I am not a drupal developer I deal with Shibboleth where I work. An external company are doing the drupal setup. At moment they click Shibboleth Login, it then redirects to my IdP page then it goes back to https://localhost/drupal but I want to SSL the login then once in puts them back on HTTP.

I have ticked Force HTTPS on Login 

Hope that explains it. 

Luke

>>> "Peterson, Tommy" 06/28/11 8:23 PM >>>

Are you using the shib_auth link on the standard Drupal login form?

I am not. I revised the standard Drupal log in page. It no longer shows the remind password, log in, and set up a new account on a tabbed page. When the user clicks ?Log in? the IDP serves up its  log in page. If they click create an account they are taken to Drupal?s page and the same for remind password. I had to set up triggers on the table to take care of the shib_authmap etc. So I guess I should say that I have somewhat modify all of this. 

But my set up behaves as you suggested you are looking for below.

From: shib_auth-bounces at listserv.niif.hu [mailto:shib_auth-bounces at listserv.niif.hu]On Behalf Of Luke Cameron
Sent: Tuesday, June 28, 2011 2:56 PM
To: shib_auth at listserv.niif.hu
Subject: Re: [shib_auth] HTTPS vs HTTP Help ASAP.

Hi Tommy,
How do you do that then...? because if I use the logged in redirect within the plug-in, it seems to loop. But I don't think its a SP issue, I think I may have issues with the plug-in.

Regards

Luke

>>> "Peterson, Tommy" 06/28/11 7:47 PM >>>

That is how mine works. They access HTTP. They log in via HTTPS form page. Then it redirects them to HTTP. And I have HTTPS enabled on my Shibboleth installation. And the user is still logged in.

--Tommy

From: shib_auth-bounces at listserv.niif.hu [mailto:shib_auth-bounces at listserv.niif.hu]On Behalf Of Luke Cameron
Sent: Tuesday, June 28, 2011 2:40 PM
To: shib_auth at listserv.niif.hu
Subject: [shib_auth] HTTPS vs HTTP Help ASAP.

Hi All,
I have a web developer wanting to use Shib Authentication for Drupal, I have setup the SP like normal with HTTPS enabled, but the web developer wants them to login to Shib over HTTPS then redirect them back to HTTP but when I try this in a test environment it wont work it shows them logged out again. Can some confirm this is correct or a way of doing what the web developer wants to do.

Regards

Luke Cameron 

This message contains Devin Group confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this e-mail in error and delete this e-mail from your system. E-mail transmissions cannot be guaranteed secure, error-free and information could be intercepted, corrupted, lost, destroyed, arrive late, incomplete, or contain viruses. The sender therefore does not accept liability for errors or omissions in the contents of this message which may arise as result of transmission. If verification is required please request hard-copy version.

 E-MAIL DISCLAIMER

This e-mail and any attachments are intended for the named recipient only and are to be treated as confidential unless the College agrees otherwise. If you are not the intended recipient, please notify the sender immediately deleting this e-mail without making copies or using it in any way. The College may be legally obliged to disclose e-mail communications in a response to a legitimate request pursuant to both the Freedom of Information Act 2000 and the Data Protection Act 1998. City College Plymouth reserves the right to monitor, in accordance with its legal obligations, any and all aspects of its e-mail system, including the content of e-mails received, but will not do so routinely. City College Plymouth cannot guarantee that this e-mail or any attachments to it are virus free and does not accept any liability for any damage, costs or loss resulting from any virus infection. Any views expressed in the message are those of the sender and may not necessarily reflect the views of the College.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://listserv.niif.hu/pipermail/shib_auth/attachments/20110628/68bda879/attachment.htm>