From: Tonu M. <tm...@um...> - 2017-03-21 19:08:48
|
You could rather do something like: AliasMatch ^/(?!Shibboleth.sso)(.*) /swadm/roundup/trackers/wcag/html/dummy.py/$1 This did the trick and Shibboleth login began to work. Thank you Georg for thinking about this and providing an answer! In case this is of interest... by default Shibboleth returns the Remote-User attribute in the form of an email. In order to make Shibboleth work with Roundup, I needed to change the username into an email address to match the Remote_User value. On Tue, Mar 21, 2017 at 10:42 AM, Georg Lehner <jor...@ma...> wrote: > On 02/23/2017 10:37 AM, Tonu Mikk wrote: > [..] > > > > <VirtualHost xxx.xxx.xxx.xxx:443> > > ServerName mydomain.com <http://mydomain.com> > > ServerAdmin em...@um... <mailto:em...@um...> > > > > AliasMatch ^/@@file(.*) /swadm/roundup/trackers/wcag/html$1 > > AliasMatch ^/(?!@@file)(.*) > > /swadm/roundup/trackers/wcag/html/dummy.py/$1 <http://dummy.py/$1> > > > > DocumentRoot /swadm/roundup/trackers/wcag/html > > > > <Directory /swadm/roundup/trackers/wcag/html> > > # Default allow policy > > Order Deny,Allow > > AuthType shibboleth > > ShibRequestSetting requireSession 1 > > Require valid-user > > RequestHeader set REMOTE-USER %{REMOTE_USER}s > > > > </Directory> > > > > AddHandler python-program .py > > PythonOptimize On > > PythonPath "sys.path + ['/usr/lib64/python2.6/site- > packages']" > > PythonHandler roundup.cgi.apache > > PythonOption TrackerHome /swadm/roundup/trackers/wcag > > PythonDebug On > > > > # SSL information omitted for brevity. > > </VirtualHost> > > > > Python Debug: > > > > MOD_PYTHON ERROR > > > > ProcessId: 23377 > > Interpreter: 'mydomain.com <http://mydomain.com>' > > > > ServerName: 'mydomain.com <http://mydomain.com>' > > DocumentRoot: '/swadm/roundup/trackers/wcag/html' > > > > URI: '/Shibboleth.sso/SAML2/POST' > > Location: None > > Directory: None > > Filename: '/swadm/roundup/trackers/wcag/html/dummy.py' > > PathInfo: '/Shibboleth.sso/SAML2/POST' > > > > Phase: 'PythonHandler' > > Handler: 'roundup.cgi.apache' > > > [..] > > Hello, > > The first AliasMatch lines, would not match '/Shibboleth.sso...' > > The second seems to be a contrived way of "match anything else", and > maps '/Shibboleth.sso/...' to: > > /swadm/roundup/trackers/wcag/html/dummy.py/Shibboleth.sso/SAML2/POST' > > which is not what you want. > > You could rather do something like: > > AliasMatch ^/(?!Shibboleth.sso)(.*) > /swadm/roundup/trackers/wcag/html/dummy.py/$1 > > so that '/Shibboleth.sso...' is not matched and handled otherwise by > Apache. > > IMHO a more stable approach would be a good planning of URI namespaces, > where your tracker uris are prefixed by some path, e.g. '/issues'. This > eases the matching magic. The "landing page" '/' could simply redirect > to '/issues/something' if you can't or don't want to communicate the > '/issues' prefix to your users. > > Best Regards, > > Georg Lehner > > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Roundup-users mailing list > Rou...@li... > https://lists.sourceforge.net/lists/listinfo/roundup-users > -- Tonu Mikk Adaptive Technologist | Disability Resource Center | diversity.umn.edu/disability University of Minnesota | umn.edu tm...@um... | 612-625-3307 |