Apache配置 - 从认证排除位置 [英] Apache Config - Exclude Location from Authentication
问题描述
我有一个是由一个Shibboleth的认证模块保护的Web应用程序。我现在的配置是如下
I have a web application that is being protected by a Shibboleth authentication module. My current config is as below
<Location /MyApp>
AuthType shibboleth
ShibUseHeaders On
ShibRequestSetting requireSession 1
require shibboleth
</Location>
在陈词滥调是用于提供SSO功能和电流引导用户到的的身份提供程序验证模块的为用户输入登录凭据。我希望能够打开特定的URL,这样的URL得到了验证模块旁路。我试过以下,但它似乎没有工作,我得到加载URL的空白页
The shibboleth is an authentication module that provides SSO capability and the current flow directs the user to an Identity Provider for the user to enter the login credentials. I want to be able to open up a specific URL so that the URL gets bypassed by the authentication module. I tried the below but it doesn't seem to work and I get a blank page on loading the URL
的方法1 的
<Location /MyApp/Login.html>
Satisfy Any
Allow from all
AuthType None
Require all granted
</Location>
的方法2 的
<Location /MyApp/Login.html>
AuthType shibboleth
ShibRequestSetting requireSession 0
require shibboleth
</Location>
我做了一些额外的调试和它出现的问题是与其他文件的的login.html 负载 - 如CSS,JS等什么是Apache的配置此正确的方式,使所述的login.html可以从认证绕过
I did some additional debugging and it appears that the problem is with additional files the Login.html loads - such as css, js etc. What is the correct way to configure this in Apache so that the Login.html can be bypassed from the authentication
感谢
推荐答案
我接近尾声关于其他文件排除注释被加载的的login.html 最终被正确的。我用下面的格式来排除正在由HTML文件中加载的文件
My comment towards the end regarding the exclusion of additional files being loaded by Login.html ended up being correct. I used the following format to exclude the files that were being loaded by the html file
<Location ~ "/MyApp/(Login.html|SessionTimeout.html|accessDenied.html|/badRequest.html|status|css/*|login/*|images/*|style/*|js/*|javascript/*|)">
Satisfy Any
Allow from all
AuthType None
Require all granted
</Location>
这篇关于Apache配置 - 从认证排除位置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!