Configuring Shibboleth to Protect Root Level with Tomcat/Apache
This page is being updated and refined - the information on it is not yet considered to be "official". Thanks for your understanding!
This guide will help you configure your Shibboleth application running on Tomcat/Apache under root level. This guide assumes that you are running Apache and Tomcat with mod jk.
http.conf
For the mod-shib section of the httpd.conf file make sure / is in the Location element.
<Location /> AuthType shibboleth require shibboleth </Location>
If you application is on root, you are probably routing everything to Tomcat. Thus we must exclude it and let Apache handle the Shibboleth part. We will be using JkUnMount. Add the elements below to the modjk section of the httpd.conf file.
JkUnMount /Shibboleth.sso/* worker1 JkUnMount /shibboleth worker1 JkUnMount /shibboleth-sp/* worker1