search

nginx-shib / nginx-http-shibboleth

Shibboleth auth request module for nginx
https://github.com/nginx-shib/nginx-http-shibboleth/wiki
Other
209 stars 27 forks source link

Unable to setup different Applications in Shibboleth SP #23

Closed KirilKovachev closed 7 years ago

KirilKovachev commented 7 years ago

Hello, Is it possible to setup multiple Application from Shibboleth SP side and handle them correctly. I'm trying using the following in tag:

    <RequestMap applicationId = "default">
        <Host name="hostname1.zone1.com" scheme="https" port="9443"
               authType="shibboleth"
               requireSession="true"
                redirectToSSL="9443">
            <Path name="/test1" />
        </Host>
    </RequestMap>

    <RequestMap applicationId = "test2">
        <Host name="hostname2.zone2.com" scheme="https" port="9443"
               authType="shibboleth"
               requireSession="true"
                redirectToSSL="9443">
            <Path name="/test2" />
        </Host>
    </RequestMap>

and in ApplicationDefaults tag I've set <ApplicationOverride id="test2" entityID="https://hostname2.zone2.com/test2"/>

Using this setup only <RequestMap applicationId = "default"> is processed.

davidjb commented 7 years ago

I've only ever seen Shibboleth configurations with a single <RequestMap> element (eg like the docs at https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPRequestMap) so I'd suggest you follow their lead. You can see how they set a default application ID and then override that for a different hostname.

As this is related to a Shibboleth configuration issue / FastCGI processing, I'll close this question. Feel free to reopen if you feel it's related to the nginx module specifically.