Perl 6 - the future is here, just unevenly distributed

IRC log for #shibboleth, 2014-08-07

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
04:31 dexap joined ##shibboleth
13:55 gritti joined ##shibboleth
13:59 gritti Hello. I am looking for information on how to run a Shibboleth SP on an Apache reverse proxy. The SP will be installed on the proxy, whereas the actual webcontent is located on the machine behind. Do you happen to know a place where I can find this information?
14:07 pdurbin gritti: this might help get you started: https://github.com/dvn/shibpoc
14:10 gritti pdurbin: thank you for the quick reply and link.
14:11 gritti pdurbin: in the shibboleth wiki i found the following information: https://wiki.shibboleth.net/confluence/display/SHIB2/SPReverseProxy    - but there the Shibboleth Agent/Client is installed on the webserver instead of the reverse-proxy
14:12 pdurbin is that the same thing that I'm installing in that proof of concept?
14:15 gritti pdurbin: uhm i am actually not quite sure. is your shibboleth service provider located on the webserver itself?
14:18 pdurbin yes
14:18 pdurbin `yum install shibboleth`
14:18 gritti pdurbin: okay, then your POC is not what i am looking for (although it is very interesting).
14:19 pdurbin bummer
14:19 gritti i am looking for a solution where the shibboleth package is installed on the reverse proxy:
14:19 gritti user ---->   apache-reverse-proxy + shibboleth     ------> web-server
14:20 gritti pdurbin: thanks for your help. much appreciated
14:20 pdurbin would you say apache is a reverse proxy if apache is listening on port 80 and forwarding traffic to port 8080?
14:21 pdurbin or do you call that something else?
14:21 gritti pdurbin: yes, you're actually right. but in my case the "port 8080" is located on another machine
14:22 gritti and the shibboleth package is not installed on this other machine - but maybe i am missing something
14:23 gritti currently my reverse proxy is trying to forward all traffic (including Shibboleth.sso) to the webserver behind
14:23 pdurbin gritti: I'm using "ProxyPass / ajp://localhost:8009/" at https://github.com/IQSS/dataverse/blob/master/conf/httpd/conf.d/dataverse.conf but maybe you wouldn't use "localhost"
14:23 gritti which of course does not work, because the shibboleth SP is running on the proxy
14:24 gritti pdurbin: very good link - thank you
14:24 gritti ProxyPassMatch ^/Shibboleth.sso !
14:24 gritti this might help
14:24 gritti let me give a try
14:24 gritti i'll let you know if it works
14:25 pdurbin +1
14:26 gritti pdurbin: i think you just solved part of my problem!
14:26 pdurbin +11
14:26 gritti thank you very much so far
14:26 pdurbin oh sure
14:26 gritti i'll have to configure some other locations and then i can move on. maybe i'll post an update tomorrow on IRC
14:26 gritti this will take me a while
14:26 gritti many thanks again. good help!
14:26 pdurbin o/
14:26 gritti -good
14:26 gritti +great
14:34 pdurbin hope it works out for you

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary