Re: Bypass Authn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Sep 23, 2020 at 4:15 PM Eric Covener <covener@xxxxxxxxx> wrote:
On Wed, Sep 23, 2020 at 4:11 PM <vadud3@xxxxxxxxx> wrote:
>
> Hi All,
>
> I am using this config and I am not able to connect to /mydir/noauth without authentication.
>
> ProxyPass /mydir http://example.org/mydir
> ProxyPassReverse /mydir https://example.org/mydir
>
> <Location /mydir/noauth>
>        Require all granted
> </Location>
>
> <Location /mydir>
>        Order allow,deny
>        Allow from all
>        AuthType Shibboleth
>        Header set X-Forwarded-Proto "https"
>        ShibUseHeaders On
>        ShibRequestSetting requireSession true
>       <RequireAny>
>               Require shib-attr AuthType "standard, x509, securePlus2, securePlus3"
>               Require shit-attr AppAuth true
>         </RequireAny>
> </Location>
>
> I am getting 302 when hitting http://mysite.org/mydir/noauth

Location blocks are processed in the order they appear, not the
hierarchical order.  Try flipping the order.


I did and restarted.

Still getting 302

 
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux