[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: Peoplesoft REST endpoints with Shib
From:       Peter Schober <peter.schober () univie ! ac ! at>
Date:       2019-11-28 10:39:52
Message-ID: 20191128103952.n3a6lsy7kzzfbxez () aco ! net
[Download RAW message or body]

* Ryan Suarez <ryan.suarez@sheridancollege.ca> [2019-11-28 00:21]:
> We configured Peoplesoft behind an Apache Proxy w/ Shib for SSO. Peoplesoft is \
> simply trusting the REMOTE_USER header. I configured Apache/Shib but I'm unfamiliar \
> with Peoplesoft. We have a problem where a Service Provider is trying to hit a REST \
> endpoint and of course they are being redirected to the IdP, ie: 
> https://sso.someurl.ca/PSIGW/RESTListeningConnector/someinstanceSCC_GET_LOV_R.v1/get/lovs?languageCd=en
>  
> What is the best way to deal with this scenario?

You don't say what the expected/desired haviour for accessing REST
endpoints would be. But assuming you want to exclude those from
protection by the web server you'd do just that.
A web search for excluding locations from authentification should
provide you with plenty of examples.

-peter
-- 
For Consortium Member technical support, see \
https://wiki.shibboleth.net/confluence/x/coFAAg To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net


[prev in list] [next in list] [prev in thread] [next in thread]