Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

eIf If you use Apache and all you need Shibboleth for is to create your application's own session you don't really need any host affinity at all.  You can use proxying to assure that all login activity occurs on the same host.


RewriteCond %{REQUEST_URI} /login
RewriteCond %{HTTP_COOKIE} !splogin
RewriteRule ^/login/(.*)$  /login-shib/$1 [PT]

Protect the real shib login path

Any require lines should be OK.

<LocationMatch /login-shib>
AuthType shibboleth
require valid-user
order allow,deny
allow from all