[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: Group Based Authorization for Apache Shibboleth SP  Site
From:       Peter Schober via users <users () shibboleth ! net>
Date:       2024-03-25 16:36:28
Message-ID: ZgGoDI2hn57RfGqB () aco ! net
[Download RAW message or body]

Bhagwat, Shrikant via users <users@shibboleth.net> [2024-03-22 17:54 CET]:
> I have Apache server with Shibboleth Service Provider.
> 
> https://shibboleth.atlassian.net/wiki/spaces/SHIB2/pages/2577072327/NativeSPApacheConfig

That's the documentation for the old, no longer supported, version of
the Shibboleth SP software, as indicated in the header of that page.

> How do I add Role based Authorization for /secure page ? Only if
> user has "Role" they access the site.
> 
> I will have Roles through SAML Assertions.

First you'd make sure you're mapping the SAML Attributes from the
Assertion tp internal attributes. See attribute-map.xml and the docs at
https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065334421/XMLAttributeExtractor

You can find examples of authorization rules here:

SP3 wiki -> Getting started -> Apache -> htaccess:
https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335056/htaccess

HTH,
-peter
-- 
For Consortium Member technical support, see https://shibboleth.atlassian.net/wiki/x/ZYEpPw
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]