ssl and apache virtual hosts with SP installation

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

ssl and apache virtual hosts with SP installation

csross
The web server (solaris 8) I will be installing the SP on has an SSL virtual host.  This is the application (site) that prompted the need for shibboleth.  The IdP is not on this server.  Clients access the https site and then get authenticated with shibboleth and then continue on.  Does this tool use the 443 port/virtual host that I will be using for my application?  
Reply | Threaded
Open this post in threaded view
|

Re: ssl and apache virtual hosts with SP installation

Nate Klingenstein
csross,

It's a little hard to understand your question.  Which tool are you  
referring to?  If you're just asking whether the Shibboleth SP works  
with port 443 and TLS/SSL, the answer is, of course, and it's strongly  
recommended for security purposes.  It doesn't impose any special  
requirements on the SSL configuration.

Take care,
Nate.

On Jun 13, 2009, at 10:35 PM, csross wrote:

> The web server (solaris 8) I will be installing the SP on has an SSL  
> virtual
> host.  This is the application (site) that prompted the need for  
> shibboleth.
> The IdP is not on this server.  Clients access the https site and  
> then get
> authenticated with shibboleth and then continue on.  Does this tool  
> use the
> 443 port/virtual host that I will be using for my application?

Reply | Threaded
Open this post in threaded view
|

RE: [Shib-Users] ssl and apache virtual hosts with SP installation

csross

Hi,

 

Thank you for your quick response.  I just reread the install instruction and see that this line is placed inside my virtual host container for the site I am protecting, correct.  I do not have to create another virtual host for shibboleth (which couldn’t be 443 since it is already used).

 

Include /opt/shibboleth-sp/etc/shibboleth/apache22.config

 

This is my first experience with this tool so I am trying to fully understand it, as this is a very important site.

 

Thank you


From: Nate Klingenstein (via Nabble) [mailto:[hidden email]]
Sent: Saturday, June 13, 2009 6:44 PM
To: Christine Ross
Subject: Re: [Shib-Users] ssl and apache virtual hosts with SP installation

 

csross,

It's a little hard to understand your question.  Which tool are you  
referring to?  If you're just asking whether the Shibboleth SP works  
with port 443 and TLS/SSL, the answer is, of course, and it's strongly  
recommended for security purposes.  It doesn't impose any special  
requirements on the SSL configuration.

Take care,
Nate.

On Jun 13, 2009, at 10:35 PM, csross wrote:

> The web server (solaris 8) I will be installing the SP on has an SSL  
> virtual
> host.  This is the application (site) that prompted the need for  
> shibboleth.
> The IdP is not on this server.  Clients access the https site and  
> then get
> authenticated with shibboleth and then continue on.  Does this tool  
> use the
> 443 port/virtual host that I will be using for my application?



This email is a reply to your post @ http://n2.nabble.com/ssl-and-apache-virtual-hosts-with-SP-installation-tp3073842p3073852.html
You can reply by email or by visting the link above.

 

Reply | Threaded
Open this post in threaded view
|

Re: ssl and apache virtual hosts with SP installation

Nate Klingenstein
csross,

Yes, this is correct.  Most of the configuration you can do from Apache's configuration just defines how Shibboleth protects content.  The Shibboleth-specific configuration is in shibboleth2.xml.  All the basic directives for loading Shibboleth into Apache 2.2 are contained in that file.

Thanks,
Nate.

On Jun 13, 2009, at 10:53 PM, csross wrote:

Thank you for your quick response.  I just reread the install instruction and see that this line is placed inside my virtual host container for the site I am protecting, correct.  I do not have to create another virtual host for shibboleth (which couldn’t be 443 since it is already used).

 

Include /opt/shibboleth-sp/etc/shibboleth/apache22.config

 

This is my first experience with this tool so I am trying to fully understand it, as this is a very important site.


Reply | Threaded
Open this post in threaded view
|

RE: ssl and apache virtual hosts with SP installation

csross

Thank you for your help.  You are very helpful

 

Christine


From: Nate Klingenstein [mailto:[hidden email]]
Sent: Saturday, June 13, 2009 7:00 PM
To: [hidden email]
Subject: Re: [Shib-Users] ssl and apache virtual hosts with SP installation

 

csross,

 

Yes, this is correct.  Most of the configuration you can do from Apache's configuration just defines how Shibboleth protects content.  The Shibboleth-specific configuration is in shibboleth2.xml.  All the basic directives for loading Shibboleth into Apache 2.2 are contained in that file.

 

Thanks,

Nate.

 

On Jun 13, 2009, at 10:53 PM, csross wrote:



Thank you for your quick response.  I just reread the install instruction and see that this line is placed inside my virtual host container for the site I am protecting, correct.  I do not have to create another virtual host for shibboleth (which couldn’t be 443 since it is already used).

 

Include /opt/shibboleth-sp/etc/shibboleth/apache22.config

 

This is my first experience with this tool so I am trying to fully understand it, as this is a very important site.