Configure Multi-domain SP

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Configure Multi-domain SP

PierreS
Hello,

I need to use shibboleth authentification with a "multi-domain" application (like a CMS).
I read lot of post, but can't find my answer. I hope you could help me.

I have to protect 2 link on my application :

*.example.com/target
*.example.com/othertarget/target (and protect this url if there is 2 GET parameters liake a=a and b=b)

For the first URL, i configure the sibboleth2.xml with :
...
<ApplicationDefaults entityID="myappliID" homeURL="http://www.example.com/Shibboleth.sso/">
<Sessions lifetime="28800" timeout="3600" relayState="ss:mem" checkAddress="false" handlerSSL="false" cookieProps="; domain=example.com; path=/;" handlerURL="http://www.example.com/Shibboleth.sso" >
...

It's working for "http://www.example.com", but not with other subdomain (like a.example.com, b.example.com...)
When i'm redirect to my application after authentification on my IDP, I got : "Shibboleth handler invoked at an unconfigured location".


For the second type of URL, i try to use apache to protect url but i can't filter GET parameters with "<location>".
So i try tu use "RequestMapper":
 <RequestMapper type="Native">
        <RequestMap applicationId="default">
             <HostRegex regex="example.com">
                <Path name="othertarget" requireSession="false">
                        <Path name="target">
                                <Query name="a" regex="a">
                                        <Query name="b" regex="b" authType="shibboleth" requireSession="true">
                                        </Query>
                                </Query>
                        </Path>
                </Path>
             </HostRegex>
        </RequestMap>
   </RequestMapper>

Any help will be greatly appreciated!

Thanks (and sorry for my english)