From: Osullivan L. <L.O...@sw...> - 2012-11-13 12:09:31
|
Hi Folks, I'm setting up Shibboleth on our test server to use with VuFind and I would like to know if it's possible to expose authentication values "on demand" rather than "on access". At present, redirecting all http traffic to https , I have tried the following: <Location /vufind/MyResearch> Authtype shibboleth ShibRequestSetting requireSession 1 ShibUseEnvoronment On Require shibboleth </Location> Which works fine for all the user related material in MyResearch but cause things like Holds to fail because they are outside of MyResearch. I would prefer not to use <Location /vufind> as I don't want to force users to Login as soon as they get to VuFind. The only way I can think to achieve what I want is to stop forcing all http traffic to https but that may get messy with generated url etc. Does anyone have any best practice I can follow? Thanks, Luke |