6:41 p.m.
We have a satosa instance running as a social-saml gateway: Frontend=saml;
backend=google.
It is behind Apache and accessed by mod_rewrite, essentually:
RewriteRule ^/(.*)$ https://localhost:7445/$1 [P]
This works, but the https seems unnecessary. It would be more efficient to use simple
http for the localhost rewrite.
However, that fails with a "Not destined for me!" in request.py's _verify --
simply because http is not https.
Is there a way to use simple http but avoid the error? Commenting out the "raise
OtherError" works, but I'd rather not have to edit the sources.
Thanks,
Jim Fox
University of Washington
6:46 p.m.
Sorry. I think I can answer my own question. It appears I can set the
base address to https even without actually using https. No cert or key
files.
Jim
On Mon, 9 Oct 2017, Jim Fox wrote:
Date: Mon, 9 Oct 2017 09:41:32
From: Jim Fox <fox at washington.edu>
To: satosa-users at lists.sunet.se
Subject: [satosa-users] "Not destined for me!"
We have a satosa instance running as a social-saml gateway: Frontend=saml;
backend=google.
It is behind Apache and accessed by mod_rewrite, essentually:
RewriteRule ^/(.*)$ https://localhost:7445/$1 [P]
This works, but the https seems unnecessary. It would be more efficient to
use simple http for the localhost rewrite.
However, that fails with a "Not destined for me!" in request.py's _verify
--
simply because http is not https.
Is there a way to use simple http but avoid the error? Commenting out the
"raise OtherError" works, but I'd rather not have to edit the sources.
Thanks,
Jim Fox
University of Washington
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users
3007
days inactive
3007
days old
1 comments
1 participants
participants (1)
-
fox@washington.edu