This example provides two web pages, that is, login page (index.html) and authorization page (webapp.php) which will be appeared after the login.

 

index.html provides just a link to the location which is secured by shibboleth.
In the training course, this index.html is stored under the DocumentRoot (/var/www/html/).

<html>
  <head>
    <title>Sample Web Application</title>
  </head>
  <body marginheight="50" marginwidth="100">
    <H1>Sample Web Application</H1>
    <div style="border-style: solid; border-width: 1px; padding: 10px 5px 10px 20px;">
      <center>
      Let's learn how to use shibboleth authorization</br>
      ONLY UNIVERSITY STAFF CAN LOGIN THIS PAGE</br></br>
      <form><input type="button" value="Login" onClick="window.location.href='https://sp.example.asia/secure/webapp.php'"></form>      
      </center>
    </div>
  </body>
</html>

 

Afer the login, the user redirect to the webapp.php.
webapp.php lookup user attribute of eduPersonAffilication (ePA).
This sample application realize that only the user who has the value of "staff" in ePA can access to the site.
Other users  such as "faculty" and "student" will deny to access. 
User attribute can obtain as the apache environmental value, therefore, it's easy to obtain by using $_SERVER in case of PHP

<html>
  <head>
    <title>Sample Web Application for Checking Server Environment</title>
  </head>
  <body>
    <?PHP
      $eppn = $_SERVER['eppn'];
      $epa  = $_SERVER['unscoped-affiliation'];
      print "Your EPPN = ".$eppn."</br>";
      print "Your Affiliation = ".$epa."</br></br>";
      if ($epa == "staff") {
        print "You have the privilege to access this page. Please check server environments.</br></br>";
        phpinfo();
      } else {
        print "You have no privilege to access this page.</br>";
        print "Your access has been reported to the system administrator.";
      }
    ?>
  </body>
</html>