Peoplesoft REST endpoints with Shib

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Peoplesoft REST endpoints with Shib

Ryan Suarez-2
Greetings,

We configured Peoplesoft behind an Apache Proxy w/ Shib for SSO. Peoplesoft is simply trusting the REMOTE_USER header. I configured Apache/Shib but I'm unfamiliar with Peoplesoft. We have a problem where a Service Provider is trying to hit a REST endpoint and of course they are being redirected to the IdP, ie:


What is the best way to deal with this scenario?

regards,
Ryan





--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Peoplesoft REST endpoints with Shib

Peter Schober
* Ryan Suarez <[hidden email]> [2019-11-28 00:21]:
> We configured Peoplesoft behind an Apache Proxy w/ Shib for SSO. Peoplesoft is simply trusting the REMOTE_USER header. I configured Apache/Shib but I'm unfamiliar with Peoplesoft. We have a problem where a Service Provider is trying to hit a REST endpoint and of course they are being redirected to the IdP, ie:
>
> https://sso.someurl.ca/PSIGW/RESTListeningConnector/someinstanceSCC_GET_LOV_R.v1/get/lovs?languageCd=en
>
> What is the best way to deal with this scenario?

You don't say what the expected/desired haviour for accessing REST
endpoints would be. But assuming you want to exclude those from
protection by the web server you'd do just that.
A web search for excluding locations from authentification should
provide you with plenty of examples.

-peter
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]