I host a webserver and want customers to authenticate using their ADFS server.
I cannot reach their server, they reach mine and theirs. This basically works. I now wonder if it's possible to setup Shibboleth SP in a manner I can bypass the authentication on the remote ADFS server when I access the website from a certain network.
I can setup a site in my IIS with an individual hostname. When I don't add that site to my shibboleth2.xml ISAPI configuration it would work. But it feels insecure.
Is there a way to configure shibboleth to only catch requests from a certain network?
