You can also have both activated http-basic and form-login at the same time. In that case http-basic will not show you a popup login window but if you send a basic authorization header within your request it will not show you the login form. This comes sometimes handy for testing purposes when your client is not a browser.
Best regards Jan > -----Ursprüngliche Nachricht----- > Von: Matthew Broadhead [mailto:[email protected]] > Gesendet: Samstag, 23. September 2017 17:08 > An: [email protected] > Betreff: Re: fediz idp form based authentication > > ok i figured out how to do this in > services/idp/src/main/webapp/WEB-INF/config/security-up-config.xml > by commenting > <security:http-basic .../> > and uncommenting > <security:form-login .../> > in > <security:http pattern="/federation/up/**" .../> and <security:http > pattern="/saml/up/**" ../> > > On 22/09/2017 18:48, Matthew Broadhead wrote: > > with fediz how to switch everything to FORM based auth instead of > > BASIC? Chrome caches all the BASIC stuff > > > > i looked in services/idp/src/main/webapp/WEB-INF/security-config.xml > > after reading this: > > http://janbernhardt.blogspot.com.es/2015/01/single-logout-with-fediz-w > > s-federation.html > > > > > > but the file doesn't look the same as the one in the example
