Thanks for your answer, i changed the configuration.

But i had another problem to access the php protected page, so i searched 
into PoA.php. 
You use the explode function at lines 290 and 428 but the last parameter (-
1) drops each time the last part of the cut. In fact, $key and 
$userAssertion were empty so i have deleted the -1 and now i can connect 
to the sample_noauto.php page (I think you have changed this in the cvs 
but i didn't find the php one, maybe i am too bad). 
But the sample_auto.php page doesn't show me "Authentication/Authorization 
result" and "userAssertion" values, when i write the $loc value in the 
log, it is empty and the log tell me (of course) :
test_Lcook() Function. php_protect: Location parameter of Lcook is not 
I do have a lot of work...

Now i have some (more) questions:

-How can i see all the protected sites under my GPoA on the accept page?

   ->Maybe i can link, for each PoA, a specific page on the GPoA and then 
this page redirects me to the good PoA.

-If i allow the access to user X for a GPoA, user X can access all the 
PoAs under this GPoA, isn't it?

-I am going to see how to automaticaly redirects a user to the AS without 
doing anything from a simple PoA or a PoA under a GPoA(with WAYF, i 
think). Do you think it is possible to have a primary AS and redirects 
automaticaly a user to a secondary AS if this primary is down (also with 

Thanks a lot and best regards,