AccessControl behaviour

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

AccessControl behaviour

jbren
Hi,

We have this configuration in shibboleth2.xml :

<RequestMapper type="Native">
  <RequestMap applicationId="default">
    <Host name="application.dev" authType="shibboleth" requireSession="true">
      <AccessControl>
        <OR>
          <Rule require="identifiant">user1</Rule>
          <Rule require="identifiant">user2</Rule>
        </OR>
      </AccessControl>
      <Path name="img/favicon.ico" authType="shibboleth" requireSession="false" />
    </Host>
  </RequestMap>
</RequestMapper>

About the path http://application.dev/img/favicon.ico, we are not redirect to login page (behaviour OK), but we have an error 500. We suppose that SP checks the AccessControl rules even if the requireSession attribute is set to false. This behaviour seems strange.

Do you have a solution for not checking this path ?

thanks,