[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-dev
Subject: Re: Configuring login in IDP 3 alpha with Tomcat
From: "Cantor, Scott" <cantor.2 () osu ! edu>
Date: 2014-08-29 17:05:20
Message-ID: D02629FC.5596D%cantor.2 () osu ! edu
[Download RAW message or body]
On 8/29/14, 12:52 PM, "Edwards, Wendy A" <wedwards@illinois.edu> wrote:
>I©öve been setting up Shib IDP v3 alpha with Tomcat, and was a little
>unclear about how to set up the login.
Have you looked at the alpha doc page on authentication yet?
>I assumed that I needed to modify the conf/authn/jaas.config file to look
>like
You can use JAAS or you can use native LDAP. That's discussed in the wiki
in the alpha pages on authentication.
>It©ös a little less clear how to translate the other instructions to Shib
>3, e.g the modifications to handler.xml and relying party.xml. It does
>look like conf/authn/ldap-authn-config.xml will probably need to be
>edited. The idp.properties file is already set to idp.authn.flows =
>IPAddress|Password .
That file is for native LDAP and won't use JAAS. Which is fine, but they
are two different approaches. If you're trying to use a JAAS config
directly, then you need to use the JAAS back-end option, which is not the
default at the moment, but may end up being the default for compatibility
reasons. See authn/password-authn-config.xml
> In fact, I wondered if it might be useful to have a walkthrough document
>about how to get Shib 3 up and running using the example LDAP server and
>talking to sp.testshib.org, since those services are already in place and
>working. Not that people would want to use that for production, but it
>might be a good starting point where people could see *something* working.
> I©öd be happy to document what I did if/when I get our local example
>running.
Those are all reasonable suggestions, but the documentation we have is all
we've had time for.
-- Scott
--
To unsubscribe from this list send an email to dev-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic