...
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
# Security measure: remove any client-supplied REMOTE_USER header early. # to prevent credential/header spoofing before legitimate authentication occurs. # Mainly useful for /live, but applying it globally is harmless and ensures safety. # For locations requiring a Shibboleth session, mod_shib's built-in anti-spoofing is sufficient. RequestHeader unset REMOTE_USER early <Location /secure> AuthType shibboleth ShibRequestSetting requireSession 1 require shib-session ShibUseHeaders On </Location> <Location /manager> AuthType shibboleth ShibRequestSetting requireSession 1 require shib-session ShibUseHeaders On </Location> <Location /admin> AuthType shibboleth ShibRequestSetting requireSession 1 require shib-session ShibUseHeaders On </Location> <Location /nfc> AuthType shibboleth ShibRequestSetting requireSession 1 require shib-session ShibUseHeaders On </Location> |
...
tagIdCheckUrl : adresse du webservice permettant de retrouver une personne en fonction de sont identifiant de carte (csn ou idp2s)
Pour tester l'application rapidement, ajouter ce tagIdCheck (qui retournera toujours un résultat): ...
On copie/colle le répertoire webapp packagé ainsi dans le tomcat :
...
On arrête le tomcat avant et on le redémarre ensuite.
...