httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] Bypass Authn
Date Wed, 23 Sep 2020 20:14:54 GMT
On Wed, Sep 23, 2020 at 4:11 PM <vadud3@gmail.com> wrote:
>
> Hi All,
>
> I am using this config and I am not able to connect to /mydir/noauth without authentication.
>
> ProxyPass /mydir http://example.org/mydir
> ProxyPassReverse /mydir https://example.org/mydir
>
> <Location /mydir/noauth>
>        Require all granted
> </Location>
>
> <Location /mydir>
>        Order allow,deny
>        Allow from all
>        AuthType Shibboleth
>        Header set X-Forwarded-Proto "https"
>        ShibUseHeaders On
>        ShibRequestSetting requireSession true
>       <RequireAny>
>               Require shib-attr AuthType "standard, x509, securePlus2, securePlus3"
>               Require shit-attr AppAuth true
>         </RequireAny>
> </Location>
>
> I am getting 302 when hitting http://mysite.org/mydir/noauth

Location blocks are processed in the order they appear, not the
hierarchical order.  Try flipping the order.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message