- Enable Access Control
- Protect by Content Type: Under Permission, deselect anonymous user
- Create a 403 error page ("The content you are requesting requires valid MIT certificates...")
- In Blocks, locate Shibboleth Login under disabled blocks; Drag it up to Main Content; Save
- Go back to the Shibboleth block and select configure
- scroll down and enable this for only the pages you protected.
- Save