...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<servlet-mapping> <servlet-name>IdP</servlet-name> <url-pattern>/profile/Shibboleth/SSO</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>IdP</servlet-name> <url-pattern>/profile/Shibboleth/HS</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>IdP</servlet-name> <url-pattern>/profile/SAML1/SOAP/AttributeQuery</url-pattern> </servlet-mapping> |
- Added an additional
<url-pattern>to the set of container-protected paths.
...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<ProtocolHandler implementation="edu.internet2.middleware.shibboleth.idp.provider.ShibbolethV1SSOHandler"> <Location>https://[^:/]+(:443)?/(shibboleth|idp/profile/Shibboleth)/SSO</Location> <!-- regex works when using default protocol ports --> </ProtocolHandler> <ProtocolHandler implementation="edu.internet2.middleware.shibboleth.idp.provider.ShibbolethV1SSOHandler"> <Location>https://[^:/]+(:443)?/(shibboleth|idp/profile/Shibboleth)/HS</Location> <!-- regex works when using default protocol ports --> </ProtocolHandler> <ProtocolHandler implementation="edu.internet2.middleware.shibboleth.idp.provider.SAMLv1_AttributeQueryHandler"> <Location>.+:8443/(shibboleth/AA|idp/profile/SAML1/SOAP/AttributeQuery)</Location> </ProtocolHandler> <ProtocolHandler implementation="edu.internet2.middleware.shibboleth.idp.provider.Shibboleth_StatusHandler"> <Location>https://[^:/]+(:443)?/(shibboleth|idp/profile)/Status</Location> </ProtocolHandler> |
Technically I could have made each one distinct and only authorized the specific paths expected for that copy, but it was simpler just to keep them consistent using the regular expressions.
...