Blacklisted claums inside location tag #1110

Sugavanam · 2023-09-14T05:50:58Z

Sugavanam
Sep 14, 2023

Hello Team
I have a conf file in apache with multiple application protected inside location tag.
Is it possible to use oidcblacklistedclaims inside location tag so that it is separate for each application ?

<Location /abc>
...
oidcblacklistedclaims secId lastname
ProxyPass https://www.abc.com

<Location /xyz>
....
oidcblacklistedclaims lastname givenname
ProxyPass https://www.xyz.com

Is there Any other way we can achieve this scenario?

zandbelt · 2023-09-14T06:55:34Z

zandbelt
Sep 14, 2023
Maintainer

OIDCBlackListedClaims works globally on the claims stored in the session, but you can either:

use e.g. RequestHeader unset OIDC_CLAIM_givenname to remove the claims you want to blacklist from the propagated headers
use OIDCPassClaimsAs environment with specific RequestHeader set OIDC_CLAIM_sub "%{OIDC_CLAIM_sub}e" primitives to pass only the claims that you want to in headers on a specific path
use OIDCUserInfoClaimsExpr when compiled with libjq, see: https://github.com/OpenIDC/mod_auth_openidc/blob/v2.4.14.3/auth_openidc.conf#L819-L835

0 replies

Sugavanam · 2023-09-14T10:15:48Z

Sugavanam
Sep 14, 2023
Author

Thanks requestheader unset will solve my problem

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Blacklisted claums inside location tag #1110

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Uh oh!

Blacklisted claums inside location tag #1110

Uh oh!

Sugavanam Sep 14, 2023

Replies: 2 comments

Uh oh!

zandbelt Sep 14, 2023 Maintainer

Uh oh!

Sugavanam Sep 14, 2023 Author

Sugavanam
Sep 14, 2023

zandbelt
Sep 14, 2023
Maintainer

Sugavanam
Sep 14, 2023
Author