Public jsp in a protected area

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Public jsp in a protected area

hi all,

I've installed a Shibboleth2 Idp/SP and thanks to you all, now it's works.
But I still have a singular problem :

I have a Location "abc" protected by my shib.conf configuration :

<Location /abc>
  AuthType shibboleth
  ShibRequireSession On
  ShibUseHeaders On
  Require valid-user

But I have to authorise Everybody to access to a specific page of my application and this page is in the same location.

I tried to do something like :

<Location /abc/page.jsp>
  AuthType shibboleth
  ShibRequireSession Off
  ShibUseHeaders On
  Require valid-user

And it seems to work, I mean Shibboleth doesn't ask for authentification anymore but I have this kind of error :

Based on the information provided to this application about you, you are not authorized to access the resource at "http://xxxxx.xx/abc/page.jsp"

It's like if Apache let me go but Shibboleth not ...

For information here is a part of my shibboleth2.xml :

    <RequestMapper type="Native">
        <RequestMap applicationId="default">
                        <Host name="xxxxx.xx"></Host>

Thank you for your help.